The interactive hub of the information world

IRMS Third Sector Group


The Third Sector Group supports those working in the Charity, not-for-profit Third Sector who have responsibility for managing information – whatever their role, experience or specialism.

The Group was started by Gary Shipsey. Gary’s experience in local government taught him how important records management was…and how difficult it can be to deliver in practice.

Gary was being asked by charities, time and again, the age-old question: “How long should I keep this?” For a Third Sector increasingly looking to deliver public services; use their donor data for the maximum benefit and respond to growing scrutiny, this question has grown in significance…and the answers were not easily accessible.

The Group therefore aims to create and then maintain a “Third Sector Retention Toolkit” – providing guidance and practical solutions to common issues as well as a retention schedule for the common record types held by charities.

The Group’s ultimate aim is to:

Further improve governance and efficiency in the Third Sector using records management practice – so that information supports charities in delivering for the causes they champion and individuals they support.

The Group will seek to deliver this through the Toolkit; Group meetings; the building of relationships between charities and other opportunities to exchange issues and ideas.

The Group meets quarterly in various locations in the UK.

Third Sector Group Officers:


Gary Shipsey 







Gary Shipsey

Gary is co-founder and Managing Director of Protecture.

Gary is approaching 10 years of practical experience turning information law into practice through a variety of information management roles in local government and at the Audit Commission.

Starting in 2004 as a Scanning Officer, Gary rose through the ranks – starting with implementing policy, procedures and training to deliver compliance with the Freedom of Information Act, swiftly grappling with Data Protection, confidentiality and privacy, then picking up information security, breach management and finally information risk management along the way. Records Management has played a key role throughout. 

On leaving North Somerset Council Gary managed the Information Governance Team, responsible for all aspects of FoI, DPA, EIR, Records Management and information security. At the Audit Commission Gary led the introduction of Privacy Impact Assessments and the Commission’s implementation of the Government’s Minimum Mandatory Measures.

Gary holds the BCS Practitioner Certification in the Data Protection Act, Information Risk Management and Freedom of Information Act, and has passed the ISACA CRISC (Certified in Risk and Information System Control) exam.

Gary is also an experienced trainer, delivering everything from brief refresher sessions to the week-long BCS Practitioner Certification syllabus, to front line staff in local government, schools and charities through to senior management and Councillors.




If you have any comments about the site, please contact the eOfficer via the contact form or by email; This email address is being protected from spambots. You need JavaScript enabled to view it..