Step Two: Identify the Types of Records that Must be Retained
This will vary by industry. If you are a regulated industry, like ABC Corp., regulations lay out for you that certain records must be kept for at least 10 years. In ABCs case, this included financial records, documents about how they acquire and respond to customers, and how they determine pricing. These documents were moved to the Safe Harbor folder. For ABC Corp.s nonregulated records, determining which records must be retained and for how long was more difficult, because it required an examination of how the company does business and what information is essential to running the business.
Step Three: Appoint Records Coordinators Throughout the Company
The actual implementation of the IM policy is carried out by records coordinators at the business unit and department level. ABC Corp. currently has about 150 records coordinators, which works out to one coordinator for every 22 employees. The CIO stressed that department heads, not he or his staff, are the final arbiters on what to keep and what to delete because department heads, not the IT department, know what information is important to keep in their area of expertise. However, to prevent department heads from being overly accommodating in deciding what to keep, the CIOs team conducts periodic audits.
Step Four: Institute a Strict Email Retention Policy
At ABC Corp., the email policy is that any email not moved to the Safe Harbor folder within 90 days of its creation or receipt will be automatically deleted. No exceptions. This policy is also subject to audit. The CIO believes this may have been the hardest part of implementing the companys IM policy, because many people are conditioned to treat their email as a to-do list. That is, they are being managed by their email instead of managing it. However, he found that it is quite possible for a large, national company to run very well under this policy. No essential information was lost, no projects were imperiled.