BIG DATA | BUSINESS INTELLIGENCE | DATA INTEGRATION | DATA MGMT | DATA MODELING | DATA QUALITY | FINANCIAL SERVICES | GOVERNANCE, RISK & COMPLIANCE | HEALTH CARE
By Michael Miller
FEB 15, 2012 8:17am ET

Related Links

Oracle to Buy Social SaaS Provider Vitrue
May 24, 2012
Obama: Better Federal Data Quality, Availability within Year
May 23, 2012
Bloomberg Launches Data Management Service with PolarLake Buy
May 23, 2012

Web Seminars

Treating Big Data Performance Woes with the Data Replication Cure
Available On Demand
The Role of Data Virtualization in a World of Big Data
June 6, 2012
Data Integration Styles: Choosing an Approach to Match Your Requirements
June 13, 2012
feature

Five Policy Considerations for Successful Records Management in SharePoint 2010

Print
Reprints
Email

The funny thing about the essential policy decisions to successfully implement a records management program is that none is directly dependent on the technologies supplied in SharePoint 2010 (such as the records repository or managed metadata). The essential policy decisions that underlie a solid records and information management (RIM) program are technology independent.  Before launching into the decisions themselves, here are five level-setting concepts for those of you who may not be familiar with records management.

First of all, what is records management? One SharePoint manual offers this definition:

Records management is the practice of organizing and maintaining documents within an organization based on a series of predetermined rules. These rules control things such as where files are stored, how long they should be retained, how they should be disposed of, and who is responsible for the files.

RIM professionals take a different, much broader perspective. The International Standards Organization defines records management as a “field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use and disposition of records, including processes for capturing and maintaining evidence of and information about business activities and transactions in the form of records.”

Upon reflection, it is easy to see the SharePoint perspective as a way to implement the ISO definition in an electronic environment. This article will focus on RIM policy decisions derived from the ISO definition.

Second, RIM professionals take a holistic, enterprise-wide approach to records and information management. They contend that to manage records well, all content maintained in all media and formats should be managed using records management principles. For RIM professionals, records and all other information assets should be:

  • Managed from a life cycle perspective. They are created or received, used to conduct business, stored for a time determined by internal and/or external business needs, and finally destroyed/deleted or offered to an archival institution for long-term preservation.
  • Retained as long as necessary to meet business requirements and no longer.
  • Available, discoverable, shareable, interoperable and exploitable across and beyond the enterprise consistent with access requirements.

Third, the ISO records management standard specifies that information assets should have four characteristics in order to serve as records:

Authenticity: A record can be demonstrated to be what it purports to be.
Reliability: A record can be trusted to be a full and accurate representation of the transaction it documents.
Integrity: A record is complete and unchanged.
Usability: A record can be located, retrieved, presented and interpreted over the entire life of the record.

A recordkeeping system must have the controls necessary to demonstrate that the records it manages have these characteristics.

Fourth, the management of records should be linked to strategic business outcomes. But what are they and what specific problems does the organization face that SP2010 and its RIM capabilities are supposed to solve? Is the organization worried about litigation costs, compliance vulnerabilities, inability to locate information, too much information but not the right information, or something entirely different? This is a context question that will frame answers to the RIM policy questions.

Finally, establishing a RIM program and implementing it within SP2010 involves significant effort – and not just for the organization’s records manager. Answers to the RIM policy questions will affect the entire organization – business areas, IT staff, legal counsel, risk managers, computer security and access professionals, knowledge managers and other information/digital curation specialists, and employees generally. They are all stakeholders in RIM decision-making. Now on to the five major decisions.

Decision 1: What needs to be filed as part of the organization’s corporate files?

This is different than asking what is a record, and it is easier for people to answer. The question is what needs to be preserved in the corporate file using SharePoint’s records management capabilities for classification, retention and storage. The question encompasses more than traditional documents – it includes blogs, wikis, personal sites and the other forms of social networking.

But what about the content that won’t be captured as corporate records? It needs to be managed as well. For example, if the content in an engineer’s blog is not needed to document how the engineering solution was developed, is it then deleted at the end of the project? Or should it be retained because the ideas found there may be useful in solving another engineering problem? If the blogs are used in ways that document business activity then they will need to be managed as records. In either case, it is a basic RIM tenet that all content be managed in a lifecycle fashion. The only difference is that the organization needs to be able to demonstrate the authenticity, reliability, integrity and usability of their corporate records. Because this will require extra effort and expense, the identification of what needs to be treated as a corporate record is an important decision.

Decision 2: When should a document be declared to be a record?

One school of thought, popular in the federal sector, is that a document becomes a record when a person hits print, send or save and should be declared to be a record at that point. Others hold that only certain documents need to be declared records because only certain ones are necessary to document business activity and those should be declared only when in their final form. Moreover, some would claim that whether a document should be declared a record is not evident at the time of creation.

SP2010 has the capability to structure sites to support any of these choices. To make that decision, organizations must decide what they fear more – having more documentation than is actually required, or not having documentation that would prove useful if it had been retained. Early declaration will likely result in more records, later declaration will likely result in fewer. The question is critical because once a document has been declared to be a record, it will need to be managed as one, metadata will need to be added, and additional controls imposed.

Decision 3: How will the records (and other content) on a site be managed?

Filed under:
Data Architecture
Enterprise Information Management
Data Management
Data Quality
Data Integration

Advertisement

Most Read
Most Emailed

Slide Shows

5 Causes of Information Management Immaturity

Today on DM Radio: Why High Performance Databases Matter

Twitter
Facebook
LinkedIn

Analytics

Business Intelligence

Customer Experience

Open Source

Predictive Analytics

Data Governance

Data Integration

Data Management

Login  |  My Account  |  White Papers  |  Web Seminars  |  Events |  Newsletters |  eBooks
FOLLOW US
Please note you must now log in with your email address and password.