Template
Responsibility Record
The Responsibility Record is a template for documenting who owns, maintains, reviews, supports, or approves important organizational records, vendors, accounts, services, processes, and decisions.
Small organizations often rely on informal responsibility. One person may know who manages the website, another may know who handles billing, and another may know who can approve a vendor change. That knowledge can be useful, but it becomes fragile when roles change, people leave, someone is unavailable, or a disruption happens.
This template helps make responsibility clearer.
It is not designed to assign blame. It is designed to support clarity.
Purpose
The purpose of this template is to help an organization understand:
- who owns an important area of work
- who maintains a record, vendor, account, service, or process
- who can explain the current state
- who should review the record
- who can provide backup coverage
- who has decision authority
- what responsibilities are unclear, shared, or unassigned
The template helps turn informal knowledge into practical documentation.
Who this template is for
This template is designed for:
- small businesses
- nonprofits
- founder-led organizations
- community projects
- small teams
- independent maintainers
- early-stage organizations
- organizations without formal operations staff
Larger organizations may adapt it, but they may need more formal role descriptions, management processes, governance documents, compliance controls, or professional support.
Recommended use
Use this template to document responsibility for areas such as:
- domain name
- website hosting
- payment processor
- email provider
- vendor inventory
- access reference register
- continuity notes
- incident timeline notes
- documentation review routine
- support inbox
- accounting software
- insurance renewal
- public website
- shared storage
- contractor relationship
- board records
- publication process
Start with the areas that would create the most confusion if no one knew who owned them.
Template fields
The Responsibility Record may include the following fields.
Item or area
Record what the responsibility applies to.
Examples:
- Primary domain name
- Website hosting
- Payment processor
- Vendor inventory
- Access reference register
- Continuity notes
- Support inbox
- Insurance renewal
- Documentation review routine
The item should be specific enough to understand.
Responsibility category
Record the type of responsibility.
Examples:
- Account ownership
- Vendor relationship
- Record maintenance
- Billing awareness
- Review owner
- Continuity owner
- Incident follow-up
- Approval owner
- Backup owner
- External provider
Categories make the record easier to review.
Primary owner
Record the person, role, team, or provider primarily responsible.
Examples:
- Founder
- Operations lead
- Finance owner
- Website maintainer
- Board treasurer
- External accountant
- IT support provider
- Documentation maintainer
Where possible, include both a role and a current person.
Backup owner
Record who can help if the primary owner is unavailable.
Examples:
- Founder
- Operations backup
- Second administrator
- Board secretary
- Finance owner
- External provider
- Co-maintainer
Not every responsibility needs a backup owner, but critical responsibilities usually should.
Decision authority
Record who can approve major decisions about the item.
Examples:
- Founder approval required.
- Finance owner may approve renewals.
- Board approval required.
- Operations lead may update the record.
- External provider may recommend changes but cannot approve them.
- Unknown.
Decision authority is not always the same as maintenance responsibility.
Maintenance responsibility
Describe what the owner is expected to maintain or review.
Examples:
- Keep vendor record current.
- Confirm renewal status before annual billing.
- Review access reference quarterly.
- Update continuity notes after role changes.
- Save receipts in the approved folder.
- Open vendor support tickets if needed.
- Confirm backup owner remains current.
Keep this practical and short.
Related records
Record related documentation.
Examples:
- Vendor and Service Inventory
- Access Reference Register
- Continuity Notes
- Incident Timeline Notes
- Documentation Review Log
- Contract folder
- Billing folder
Use safe references only.
Review frequency
Record how often this responsibility should be reviewed.
Examples:
- Monthly
- Quarterly
- Twice per year
- Annually
- Before renewal
- After role changes
- After incidents
- As needed
Last reviewed
Record the date the responsibility record was last checked.
Status
Record the current status.
Suggested values:
- Active
- Needs review
- Unassigned
- Shared
- External provider managed
- Archived
- Unknown
“Unassigned” and “Unknown” are useful because they reveal gaps.
Notes
Use notes for neutral, non-sensitive context.
Examples:
- Backup owner should be added before renewal.
- Responsibility changed after website migration.
- External accountant receives notices but does not approve payments.
- Review after board election.
- Ownership currently depends heavily on the founder.
Do not use notes for passwords, API keys, recovery codes, private keys, payment details, confidential evidence, or sensitive personal information.
Minimum version
A small organization can begin with these fields:
| Field | Purpose |
|---|---|
| Item or area | What the responsibility applies to |
| Primary owner | Who is responsible |
| Backup owner | Who can help if unavailable |
| Responsibility | What should be maintained or reviewed |
| Related record | Where supporting documentation lives |
| Last reviewed | Date last checked |
| Status | Active, needs review, unassigned, shared, or unknown |
This minimum version can create useful clarity quickly.
Example entry
| Field | Example |
|---|---|
| Item or area | Primary domain name |
| Category | Account ownership |
| Primary owner | Website maintainer |
| Backup owner | Founder |
| Decision authority | Founder approval required for domain transfer |
| Maintenance responsibility | Confirm renewal status, registrar record, and access reference |
| Related records | Vendor inventory, access reference, continuity notes |
| Review frequency | Quarterly |
| Last reviewed | 2026-07-08 |
| Status | Active |
Responsibility levels
Organizations may choose to mark responsibilities by importance.
Critical
Critical responsibilities affect core operations, revenue, access, communications, legal administration, records, or continuity.
Examples:
- domain ownership
- email administration
- payment processor ownership
- banking or finance administration
- payroll
- legal notices
- primary documentation records
Critical responsibilities should usually have a primary owner, backup owner, access reference, and review routine.
Important
Important responsibilities support meaningful operations but may not immediately stop the organization if neglected.
Examples:
- accounting software
- analytics tools
- vendor review
- insurance renewal tracking
- customer support tools
- public website content
Important responsibilities should still be reviewed.
Routine
Routine responsibilities support normal operations and may be reviewed less frequently.
Examples:
- updating archived vendor records
- maintaining optional tool notes
- reviewing old template versions
- maintaining internal reference pages
Routine does not mean unnecessary. It means less urgent.
Unknown
Unknown means the organization is not sure who owns the responsibility or how important it is.
Unknown should be treated as a review signal.
When to update this template
Update the Responsibility Record when:
- a new vendor or service is added
- a person changes roles
- someone leaves the organization
- a backup owner changes
- decision authority changes
- a service becomes more important
- an incident reveals unclear ownership
- billing ownership changes
- a record is archived
- a scheduled review occurs
Role changes are especially important.
Shared responsibilities
Some responsibilities are shared. Shared responsibility can work, but it should be specific.
Instead of writing:
Everyone handles this.
Write something clearer:
Operations lead maintains the record. Finance owner reviews billing fields. Founder approves vendor changes.
Clear shared responsibility is better than vague shared responsibility.
Unassigned responsibilities
An unassigned responsibility is useful information. It identifies a gap.
Examples:
- No backup owner for domain registrar.
- No review owner for access references.
- No one knows who receives renewal notices.
- Incident follow-up has no assigned owner.
- Vendor inventory exists but no one maintains it.
The goal is to make the gap visible so it can be reviewed.
Ownership versus access
A person can own responsibility without directly holding every credential.
For example:
- The finance owner may own the payment processor relationship.
- The password manager may store credentials.
- The founder may approve major changes.
- The accountant may receive reports but not have full admin access.
Use access references to document where access is managed. Do not put credentials in the Responsibility Record.
Ownership versus authority
A person may maintain a record without having authority to make major decisions.
Examples:
- A website maintainer may update hosting records but may not transfer the domain.
- A bookkeeper may maintain accounting records but may not approve new bank accounts.
- A contractor may manage a tool but may not authorize billing changes.
- A board officer may approve decisions while another person maintains records.
If authority matters, document it clearly.
What not to include
Do not include:
- passwords
- API keys
- MFA recovery codes
- private keys
- seed phrases
- payment card numbers
- bank login details
- confidential contracts
- sensitive customer records
- regulated data
- sensitive incident evidence
- unnecessary personal information
Use safe references to approved storage locations instead.
Suggested first pass
A useful first pass may look like this:
- List the organization’s most important vendors, accounts, records, and processes.
- Add a primary owner for each one.
- Mark anything unknown or unassigned.
- Add backup owners for critical items.
- Add related records.
- Add a review date.
- Review again after role changes or incidents.
The goal is not perfection. The goal is to make ownership clearer.
Related standard
This template supports the Responsibility Records standard.
It also connects to:
- Vendor Inventory
- Access References
- Continuity Notes
- Incident Timeline
- Review Routines
License
This template is intended to be provided as a free public resource.
Unless otherwise stated on the project license page, the standards and templates are made available for use, adaptation, and sharing under the project’s open content license.
The project name, logo, and official identity are not included in the template license.
Download template
This template is provided as a free public resource. Review the guidance on this page before using it, especially the notes about sensitive information.
Download Responsibility Record