General Retention Guideline
2.1 Policy and Procedures
5 years after superseded
Note: In the absence of specific retention guidance and unless specified otherwise, the five-year retention period for policy and procedures and the two-year period for routine records should be applied to similar records related to each sub-function listed in the tables below.
Retention periods should always be interpreted and applied "after all administrative actions are completed", i.e., 2 years after all administrative actions are completed.
Any activities or sub-functions that fall outside the General Retention Guideline for policy and procedures, and routine will be identified in the tables below.
Caution: For purposes of maintaining an audit trail of transactions in accordance with the Policy on Electronic Authorization and Authentication and the Policy on Internal Audit, it may be prudent to retain those records for a standard period of time; that is, 6 fiscal years for all financial transaction records. Each institution should carefully consider their practices and decide which records should be kept for the 6 year period.
TBS 1996 "Policy on Electronic Authorization and Authentication" www.tbs-sct.gc.ca/pol/doc-eng.aspx?id=12206
states that the "electronic authorization and authentication system and processes should be designed to ensure complete auditability. The audit trail should include data and files required to reconstruct the sequence of events and transactions processed"
TBS "Policy on Internal Audit" - July 1, 2009 http://publiservice.tbs-sct.gc.ca/pol/doc-eng.aspx?id=16484§ion=text#cha1
states that "Deputy heads of all departments are responsible for ensuring that the audit committee receives all of the information and documentation needed or requested to fulfil its responsibilities, subject to applicable legislation"