...
Create a Long-Term Retention and Access Policy
NMFS policy directive 32-110 specifies
Electronic audit trails must provide a chain of custody for the secure electronic transaction that can be used to ensure the integrity of the document. The audit trail information may be needed for audits, disputes, or court cases many years after the transaction itself took place and long-term retention of not only the signed document but the accompanying audit trail should be addressed (See Sub-section 6 below).... As a general rule when the risk associated with a transaction increases the number of components tracked as part of the audit trail should increase.... The original
document along with it audit trail should not be deleted from the agency's records.... Additional information on audit trails can be found in the NARA guidelines for records management with regard to implementing electronic signatures Records Management Guidance for Agencies Implementing Electronic Signature Technologies.
Retention and access policies already exist for this logbook data . under NOAA file series 1505-11, Catch Statistics Files. Electronic data submission does add audit trail data to the mix. The existing retention and access policies will be revised to accommodate electronic submission audit trail data and protect that data from delete or update access.
Periodic Review and Re-Evaluation of the Electronic Signature Process
...