Introduction to Successful Records Management Implementation in Alfresco 3

Exclusive offer: get 50% off this eBook here
Alfresco 3 Records Management

Alfresco 3 Records Management — Save 50%

Comply with regulations and secure your organization’s records with Alfresco Records Management.

$38.99    $19.50
by Dick Weisinger | January 2011 | Open Source

A successful Records Management program depends on the right implementation, and to get it right often requires extensive planning and preparation. For Records Management, culture, people, and processes are just as important components to the mix as is the software.

This article, by Dick Weisinger, author of Alfresco 3 Records Management, lays the groundwork that is needed prior to getting started with the records system implementation. Before we can begin implementation, we need to have an excellent understanding of the records that currently exist in the organization. To get that understanding, we need to make an investigation of our organization to determine what records we are handling and what process and policies are in place for handling them.

 

Alfresco 3 Records Management

Alfresco 3 Records Management

Comply with regulations and secure your organization’s records with Alfresco Records Management.

  • Successfully implement your records program using Alfresco Records Management, fully certified for DoD-5015.2 compliance
  • The first and only book to focus exclusively on Alfresco Records Management
  • Step-by-step instructions describe how to identify records, organize records, and manage records to comply with regulatory requirements
  • Learn in detail about the software internals to get a jump-start on performing customizations
        Read more about this book      

(For more resources on this subject, see here.)

A preliminary investigation will also give us good information about the types of records we have and roughly how many records we're talking about. We'll also dig deeper into the area of Authority Documents and we'll determine exactly what our obligations are as an organization in complying with them.

The data that we collect in the preliminary investigation will provide the basis for us to make a Business Case that we can present to the executives in the organization. It will outline the benefits and advantages of implementing a records system. We also will need to put in place and communicate organization-wide a formal policy that explains concisely the goals of the records program and what it means to the organization.

The information covered in this article is important and easily overlooked when starting a Records Management program. We will discuss:

  • The Preliminary Investigation
  • Authority Documents
  • The Steering Committee and Roles in the Records Management Program
  • Making the Business Case for Records Management
  • Project Management

Best practices and standards

In this article, we will focus on discussing Records Management best practices. Best practices are the processes, methods, and activities that, when applied correctly, can achieve the most repeatable, effective, and efficient results. While an important function of standards is to ensure consistency and interoperability, standards also often provide a good source of information for how to achieve best practice.

Much of our discussion here draws heavily on the methodology described in the DIRKS and ISO-15489 standards that describe Records Management best practices. Before getting into a description of best practices though, let's look and see how these two particular standards have come into being and how they relate to other Records Management standards, like the DoD 5015.2 standard.

Origins of Records Management

Somewhat surprisingly, standards have only existed in Records Management for about the past fifteen years. But that's not to say that prior to today's standards, there wasn't a body of knowledge and written guidelines that existed as best practices for managing records.

Diplomatics

Actually, the concept of managing records can be traced back a long way. In the Middle Ages in Europe, important written documents from court transactions were recognized as records, and even then, there were issues around establishing authenticity of records to guard against forgery. From those early concerns around authenticity, the science of document analysis called diplomatics came into being in the late 1600s and became particularly important in Europe with the rise of government bureaucracies in the 1800s.

While diplomatics started out as something closer to forensic handwriting analysis than Records Management, it gradually established principles that are still important to Records Management today, such as reliability and authenticity. Diplomatics even emphasized the importance of aligning rules for managing records with business processes, and it treated all records the same, regardless of the media that they are stored on.

Records Management in the United States

Records Management is something that has come into being very slowly in the United States. In fact, Records Management in the United States is really a twentieth century development. It wasn't even until 1930 that 90 percent of all births and deaths in the United States were recorded.

The United States National Archives was first established in 1934 to manage only the federal government historical records, but the National Archives quickly became involved in the management of all federal current records.

In 1941, a records administration program was created for federal agencies to transfer their historical records to the National Archives. In 1943, the Records Disposal Act authorized the first use of record disposition schedules. In 1946, all agencies in the executive branch of government were ordered as part of Executive Order 9784 to implement Records Management programs.

It wasn't until 1949 with the publication of a pamphlet called Public Records Administration, written by an archivist at the National Archives, that the idea of Records Management was beginning to be seen as an activity that is separate and distinct from the long-term archival of records for preservation.

Prior to the 1950s in the United States, most businesses did not have a formalized program for records management. However, that slowly began to change as the federal government provided itself as an example for how records should be managed.

The 1950 Federal Records Act formalized Records Management in the United States. The Act included ideas about the creation, maintenance, and disposition of records. Perhaps somewhat similar to the dramatic growth in electronic documents that we are seeing today, the 1950s saw a huge increase in the number of paper records that needed to be managed. The growth in the volume of records and the requirements and the responsibilities imposed by the Federal Records Act led to the creation of regional records centers in the United States, and those centers slowly became models for records managers outside of government.

In 1955, the second Hoover Commission was tasked with developing recommendations for paperwork management and published a document entitled Guide to Record Retention Requirements in 1955. While not officially sanctioned as a standard, this document, in many ways, served the same purpose. The guide was popular and has been republished frequently since then and has served as an often-used reference by both government and non-government organizations. As late as 1994, a revised version of the guide was printed by the Office of the Federal Register.

That same year, in 1955, ARMA International, the international organization for records managers, was founded. ARMA continues through today to provide a forum for records and information managers, both inside and outside the government, to share information about best practices in the area of Records Management. From the 1950s, companies and non-government organizations were becoming more involved with record management policies, and the US federal government continued to drive much of the evolution of Records Management within the United States.

In 1976, the Federal Records Act was amended and sections were added that emphasized paperwork reduction and the importance of documenting the recordkeeping process. The concept of the record lifecycle was also described in the amendments to the Act.

In 1985, the National Archives was renamed as NARA, the National Archives and Records Administration, finally acknowledging in the name the role the agency plays in managing records as well as being involved in the long-term archival and preservation of documents.

However, it wasn't until the 1990s that standards around Records Management began to take shape. In 1993, a government task force in the United States that included NARA, the US Army, and the US Air Force, began to devise processes for managing records that would include both the management of paper and electronic documents. The recommendations of that task force ultimately led to the DoD-5015.2 standard that was first released in 1997.

Australia's AS-4390 and DIRKS

In parallel to what was happening in the United States, standards for Records Management were also advancing in Australia.

AS-4390

Standards Australia issued AS-4390 in 1996, a document that defined the scope of Records Management with recommendations for implementation in both public and private sectors in Australia. This was the first standard issued by any nation, but much of the language in the standard was very specific, making it usable really only within Australia.

AS-4390 approached the management of records as a "continuum model" and addressed the "whole extent of the records' existence".

DIRKS

In 2000, the National Archives of Australia published DIRKS (Design and Implementation of Recordkeeping System), a methodology for implementing AS-4390. The Australian National Archives developed, tested, and successfully implemented the approach, summarizing the methodology for managing records into an eight-step process.

The eight steps of the DIRKS methodology include:

  • Organization assessment:
  1. Preliminary Investigation
  2. Analysis of business activity
  3. Identification of records requirements
    • Assess areas for improvement:
  4. Assessment of the existing system
  5. Strategies for recordkeeping
    • Design, implement, and review the changes:
  6. Design the recordkeeping system
  7. Implement the recordkeeping system
  8. Post-implementation review

An international Records Management standard

These two standards, AS-4390 and DIRKS, have had a tremendous influence not only within Australia, but also internationally. In 2001, ISO-15489 was published as an international standard for best practices for Records Management. Part one of the standard was based on AS-4390, and part two was based on the guidelines, as laid out in DIRKS. The same eight-step methodology of DIRKS is used in the part two guidelines of ISO-15489.

The DIRKS manual can be freely downloaded from the National Archives of Australia: http://www.naa.gov.au/recordsmanagement/publications/dirks-manual.aspx

The ISO-15489 document can be purchased from ISO: http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=31908 and http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=35845

ISO-15489 has been a success in terms of international acceptance. 148 countries are members of ISO, and many of the participating countries have embraced the use of ISO-15489. Some countries where ISO-15489 is actively applied include Australia, China, UK, France, Germany, Netherlands, and Jamaica. Both ARMA International and AIIM now also promote the importance of the ISO-15489 standard.

Much of the appeal behind the ISO-15489 standard is the fact that it is fairly generic. Because it describes the recordkeeping process at a very high level, it avoids contentious details that may be specific to any particular Records Management implementation.

Consider, for example, the eight steps of the DIRKS process, as listed above, and replace the words "record" and "recordkeeping" with the name of some other type of enterprise software or project, like "ERP". The steps and associated recommendations from DIRKS are equally applicable. In fact, we recognize clear parallels between the steps presented in the DIRKS methodology and methodologies used for Project Management. Later in this article, we will look at similarities between Records Management and Project Management methodologies like PMBOK and Agile.

Does ISO-15489 overlap with standards like DoD-5015.2 and MoReq?

ISO-15489 differs considerably in approach from other Records Management standards, like the DoD-5015.2 standard and the MoReq standard which developed in Europe. While ISO-15489 outlines basic principles of Records Management and describes best practices, these latter two standards are very prescriptive in terms of detailing the specifics for how to implement a Records Management system. They are essentially functional requirement documents for computer systems.

MoReq (Model Requirements for the Management of Electronic Records) was initiated by the DLM Forum and funded by the European Commission. MoReq was first published in 2001 as MoReq1 and was then extensively updated and republished as MoReq2 in 2008. In 2010, an effort was undertaken to update the specification with the new name MoReq2010. The MoReq2 standard has been translated into 12 languages and is referenced frequently when building Records Management systems in Europe today.

Other international standards for Records Management

A number of other standards exist internationally. In Australia, for example, the Public Record Office has published a standard known as the Victorian Electronic Records Strategy (VERS) to address the problem of ensuring that electronic records can be preserved for long periods of time and still remain accessible and readable.

The preliminary investigation

Before we start getting our hands dirty with the sticky details of designing and implementing our records system, let's first get a big-picture idea of how Records Management currently fits into our organization and then define our vision for the future of Records Management in our organization. To do that, let's make a preliminary investigation of the records that our organization deals with. In the preliminary investigation, we'll make a survey of the records in our organization to find out how they are currently being handled. The results of the survey will provide important input into building the Business Case for moving forward with building a new Records Management system for our organization.

With the results of the preliminary investigation, we will be able to create an information map or diagram of where records currently are within our organization and which groups of the organization those records are relevant to. With that information, we will be able to create a very high-level charter for the records program, provide data to be used when building the Business Case for Records Management, and then have sufficient information to be able to calculate a rough estimate of the cost and effort needed for the program scope.

Before executing on the preliminary investigation, a detailed plan of attack for the investigation should be made. While the primary goal of the investigation is to gather information, a secondary goal should be to do it in a way that minimizes any disruptions to staff members.

To perform the investigation, we will need assistance from the various business units in the organization. Before starting, a 'heads up' should be sent out to the managers of the different business units involved so that they will understand the nature of the investigation, when it will be carried out, and they'll know roughly the amount of time that both they and their unit will need to make available to assist in the investigation. It would also be useful to hold a briefing meeting with staff members from business units, where we expect to find most of the records.

The records survey

Central to the preliminary investigation is the records survey, which is taken across the organization. A records survey attempts to identify the location and record types for both the electronic and non-electronic records used in the organization.

Physical surveys versus questionnaires

The records survey is usually either carried out as a physical one or as one managed remotely via questionnaires.

In a physical survey, members of the records management team visit each business unit, and working together with staff members from that unit, make a detailed inventory. During the survey, all physical storage locations, such as cabinets, closets, desks, and boxes are inspected. Staff members are asked where they store their files, which business applications they use, and which network drives they have access to.

The alternative to the physical survey is to send questionnaires to each of the business units and to ask them to complete the forms on their own. Inspections similar to that of the physical survey would be made, but the business unit is not supported by a records management team member.

Which of the two approaches we use will depend on the organization. Of course, a hybrid approach, where a combination of both physical surveys and questionnaires is used would work too.

Physical in-person surveys tend to provide more accurate and complete inventories, but they also are typically more expensive and time consuming to perform. Questionnaires, while cheaper, rely on each of the individual business units to complete the information on their own, which means that the reporting and investigation styles used by the different units might not be uniform. There is also the problem that some business units may not be sufficiently motivated to complete the questionnaires in a timely manner.

Preparing for the survey: Review existing documentation

Before we begin the survey, we should check to see if there already exists any background documentation that describes how records are currently being handled within the organization. Documentation has a habit of getting out of date quickly. Documentation can also be deceiving because sometimes it is written, but never implemented, or implemented in ways that deviate dramatically from the originally written description. So if we're actually lucky enough to find any documentation, we'll need to also validate how accurate that information really is.

These are some examples of documents which may already exist and which can provide clues about how some organizational records are being handled today:

  • The organization's disaster recovery plan
  • Previous records surveys or studies
  • The organization's record management policy statement
  • Internal and external audit reports that involve consideration of records
  • Organizational reports like risk assessment and cost-benefit analyses

Other types of documents may also exist, which can be good indicators for where records, particularly paper records, might be getting stored. These include:

  • Blueprints, maps, and building plans that show the location of furniture and equipment
  • Contracts with storage companies or organizations that provide records or backup services
  • Equipment and supply inventories that may indicate computer hardware
  • Lists of databases, enterprise application software, and shared drives

It may take some footwork and digging to find out exactly where and how records in the organization are currently being stored. Physical records could be getting stored in numerous places throughout office and storage areas. Electronic records might be currently saved on shared drives, local desktops, or other document repositories.

The main actions of the records survey can be summarized by the LEAD acronym:

  • Locate the places where records are being stored
  • Examine the records and their contents
  • Ask questions about the records to understand their significance
  • Document the information about the records
Alfresco 3 Records Management Comply with regulations and secure your organization’s records with Alfresco Records Management.
Published: January 2011
eBook Price: $38.99
Book Price: $64.99
See more
Select your format and quantity:
        Read more about this book      

(For more resources on this subject, see here.)

The records survey questions

Regardless of whether we opt to make a physical survey or to use a questionnaire, drafting a form that can be used to collect data from the survey is useful. The following table shows an example of a form that consists of the key questions to ask when carrying out the survey. Each copy of this form would correspond to one class or type of records:

Successful Records Management Implementation

Successful Records Management Implementation

Successful Records Management Implementation

Successful Records Management Implementation

Supplemental interviews

Questions are bound to come up while we undertake the records survey. To help clarify any issues that do arise, we'll probably also want to get more information by conducting interviews with knowledgeable staff members to determine current record processes and problems. Our interviews should focus on finding the types of records that are being created and on identifying which groups or departments in the organization are involved with creating and using those records.

We should also try to get a high-level perspective of the strengths and weaknesses of the current Records Management approach and be thinking about the possible benefits that an Electronic Records Management system could provide.

The interviews should also try to ascertain current organization policies about records handling:

  • Are there written records policies?
  • How frequently are records policies reviewed and updated?
  • Do the policies address records of all formats?
  • How are the records policies enforced?
  • Are there any metrics associated with the records policies?

Pulling it all together: Analyzing the results of the records survey

After completing the collection of information for the records survey, we are now able to group together related record collections into distinct record classes. For each class of record, we should write a brief description of that class, a summary of the basic contents, and also include location and access information. This information forms the information map of the records that are within the organization. This information also will be invaluable later on during the implementation phase when we create the content model for the records system.

But beyond the identification of classes of records, we're also able to make some very rough baseline measurements with the survey data as to the state of records currently within the organization. It's useful to make these same measurements at intervals during the life of the records program and note the changes.

The rough metrics that we are now able to calculate include:

  • The volume of both electronic and non-electronic records
  • The number of users who currently file either electronic or non-electronic records
  • The number of users who regularly find and retrieve records from the system
  • From a security perspective, the percentage of records that are open for anyone in the organization to access

Review of regulations and organizational rules

The results of the records survey revealed much about our task ahead. We now have clear ideas about what classes of records the organization handles and we also have a good idea about what the record volumes are for each of those record classes. For our records program to be successful, we also need to thoroughly understand our obligations for our records, as it relates to regulatory compliance, based on our type of organization.

Every organization is touched by requirements that need to be followed. These requirements could be laws, regulations, industry codes, or organizational rules. The organization may also be bound by the terms of contracts that it has entered into. Authority Documents are the written documents that contain the language describing the requirements with which we must comply.

Compiling the list of Authority Documents

We need to compile a list of Authority Documents and ultimately obtain a copy of the current versions of those documents. Now, let's discuss how we can go about coming up with that list.

Our first step in determining which Authority Documents are important for the organization is to check to see how compliance issues are currently handled. We'll try to find any prior documentation describing records handling processes currently followed in the organization, and if available, we'll review the contents of those documents.

We should try to interview knowledgeable members from groups within the organization such as Legal, Tax, Finance, HR, and IT to see what regulations or internal procedures these groups in the organization have been following, and under what authority. These group members may also be aware of regulations that may be applicable to the organization, but for whatever reason, are not currently being followed.

We should also perform research on the Internet and consult with relevant literature and trade publications to find references to Authority Documents that may be applicable to the organization. The Unified Compliance Framework (UCF), is one good source of information.

More information about the Unified Compliance Framework can be found at http://www.unifiedcompliance.com/.

Because of the importance of determining all the Authority Documents that affect the organization, it might also be a good idea to invest in some consulting hours with a good compliance lawyer or advisor who can validate the list of Authority Documents that we've arrived at or to potentially suggest other Authority Documents that should be on the list.

Creating the compliance metrics

Once we have the list of all Authority Documents, we should get copies of their most current versions. This task is one that is tedious, but very necessary. To complete it, we need to identify the compliance requirements from each of the Authority Documents that we've identified. This task involves reading the Authority Documents carefully and marking up the parts of those documents where the requirements are called out.

While reading these documents, it's important to determine exactly the actionable requirements. A trick for uncovering requirements is to look for action verbs like "create", "store", and "build" in the document. The reason for this is that requirements and rules are things that must be considered and acted upon.

Each requirement that we identify should be labeled as a metric and be assigned a unique ID control number. A list of the metric IDs, requirement descriptions, and originating Authority Documents should be compiled. We also need to gather some information about how these requirements will be addressed within the organization. We need to determine which group in the organization has responsibility for complying with the requirement. We need to know what set of records in the organization the requirement pertains to. We also need to note, if possible, which process in the organization the record and requirement is part of.

All of this information then should be collected and put into a spreadsheet or small database. Metrics that overlap in nature need to be mapped to show their relationships. This documentation for the compliance metrics is very important and needs to be accurate, detailed, and complete. Records Management's system configurations will be based on this information. The information will also be referenced when system audits are performed.

Making the Business Case

At this point, we have collected information about the current state of records in the organization and we have a good understanding of our compliance obligations. We are now ready to make a Business Case that can explain the benefits of a records program to senior management and explain, in detail, how we plan to go about implementing it.

Objective of the Business Case

The objective of the Business Case is to receive approval to move forward with the records project by being able to prove the merit of it. With approval for the system should come funding and a clear commitment of support for the project. To win that approval, the Business Case needs to be a strong one, one that is well researched, compelling, and very complete in describing the best plan of action. Without a clear and strong case, the risk is that the plan will simply not be approved, or that any decision on the plan will be postponed until the Business Case can be made stronger.

Elements of the Business Case

The following elements are key components of a good Business Case for implementing a Records Management system:

  • Include a description of the current method for handling records in the organization and an assessment of how well it is working. This will constitute a central part of the Needs Assessment:
    • Discuss the current role of Records Management in the organization and the current policies about records.
    • Describe the policies about managing and disposing of records currently.
    • Present the results of the records survey, highlighting the formats that records are currently stored in (paper, electronic, microfiche) and the volumes of these different types of formats.
    • Discuss what precautions are currently being taken to ensure that sensitive records are appropriately secured.
    • Describe how records are currently handled as part of the overall business continuity plan.
  • Include an assessment of the possible risks or penalties that the organization might face if it does not have an adequate records management program in place. For example, consider the following cases:
    • If the organization has a high probability of being involved in litigation, penalties might be incurred if the organization can't rapidly find and produce records related to e-discovery requests.
    • If the organization is highly regulated; again, penalties might be incurred if the organization can't produce records that can validate compliance with relevant federal, state, local, and international regulations.
    • If the organization is involved with mergers and acquisitions, there is a risk of potential opportunity loss should the organization not be able to present a clear picture of its potential liabilities and compliance status.
  • Include a summary of the key benefits of the plan. Depending on the organization, some of the benefits of a records system include:
    • Financial
      • Staff members will be more productive and save time in their search for and retrieval of records. Tasks like filing and managing records will be quicker and easier to perform.
      • If the Records Management system replaces older systems, there may be a savings in license fees from the discontinued software.
      • If paper documents are scanned and digitized, there may be reduced costs associated with storage companies. Storage space within the company will also be freed up from the elimination of filing cabinets and storage boxes.
    • Business
      • The Records Management system improves and makes processes more efficient.
      • The Records Management system improves the accuracy of the information that is retained.
      • The Records Management system improves access by all staff members to records.
      • A web-based system can more easily distribute and decentralize the use of the records system.
      • Collaboration on records between staff members becomes easier.
      • An electronic system provides better security for records.
      • The Records Management system enables a key component of a business continuity plan.
    • Regulatory
      • The Records Management system enables compliance with rules and regulations. Here, it specifically calls out known Authority Documents relative to the organization that will require compliance.
    • Include a comparison of the different action scenarios:
      • If no action is taken; that is, if the Business Case is declined, what is the risk-reward comparison of the consequences?
      • Consider any half-way options that may be possible. In these cases, the action might be to simply mitigate the worst-case scenarios, but still not fully adopt all capabilities of the proposed system. What would the advantages and disadvantages be of doing this?
      • Finally, consider the benefits of the complete system, as recommended by this Business Case.
    • Include a detailed description of the plan for implementing the Records Management system. The plan should include these elements:
      • Present a high-level system design.
      • Describe the need for gaining executive-level support for the project and outline the objectives of setting up a steering committee for high-level oversight of the records program.
      • Describe which records will be affected by the program and what formats those records are in.
      • Describe the associated data or metadata that will be captured and saved as part of each record.
      • Describe the security controls that will be enforced by the new system.
      • If there will continue to be paper or other non-electronic records, describe how the system will allow us to easily locate those records as well as electronic records.
      • Describe how the records program can be incorporated into the business continuity plan for the organization.
      • This is a good place to describe the Alfresco system and its capabilities. It might to be helpful to the Business Case to mention that Records Management is just one component of an Alfresco system; Alfresco also has Web Content Management, standard Document Management, and Collaboration capabilities. Once in place, an Alfresco system can serve as a great foundation for cost-effectively addressing other projects in the organization that require information management.
      • Describe why the new system would be better than the status quo.
      • Provide an estimate for the implementation timeline.
    • Discuss operational and organizational structure changes.
      • Describe how the records system will impact current processes in the organization and recommend possible changes to the organization's structure or operations.
    • Include a list of the resource roles that will be needed to staff the project. The roles and responsibilities section below covers this topic in more detail:
      • Consider whether the organization has the right skill sets to staff the project with internal team members, or if the team needs to be supplemented with assistance from a Systems Integrator or consultants.
      • Consider the possible need for a full-time qualified records manager to be on staff, if no such position currently exists.
    • Include a list of new equipment, capital expenditures, or any changes to the facilities that might be required to support the records system:
      • List server and hardware peripherals that may be needed to support the software.
      • Ideally, we should plan to have at least a production environment and also a staging environment that duplicates the production environment where testing can take place prior to rolling out changes to production.
      • Consider where the servers will be located and whether or not any additional space, power, or cooling for this equipment needs to be allocated.
      • Using the information we've collected about record volumes, make an estimate of the amount of storage required for the current records and for the volume of records that can be projected for the future.
      • List any networking changes or additional networking hardware that might be needed.
    • Include an estimated budget for the entire project:
      • Itemize the costs of software, hardware, consulting and services, technical support, administration, implementation, migration, training, and communications.
      • Consider any on-going costs and required staff that will be needed to maintain and support the system.
Alfresco 3 Records Management Comply with regulations and secure your organization’s records with Alfresco Records Management.
Published: January 2011
eBook Price: $38.99
Book Price: $64.99
See more
Select your format and quantity:
        Read more about this book      

(For more resources on this subject, see here.)

Creating a records policy

The Records Management Policy is a very important document for the records program. It is, in effect, the charter for the program's existence. The document describes at a high level what Records Management is and also describes the importance of records to the organization. The policy document gives authority for carrying out and enforcing the records policy.

The order of creating a records policy and getting approval for the Business Case doesn't matter. The two are often undertaken simultaneously or often there is already a records policy in place.

It's important to get the policy down on paper and the formalization of it as a written document is a very important step for the organization. The goal is to make sure that all groups within the organization are aware of the goals of Records Management and to understand the importance of records management for the organization and what they must do to abide by the policy.

The policy document need not be long. Just one or two pages is probably best, otherwise it risks the possibility of not being widely read. It should be concise and clear.

Records policy highlights

Highlights of the policy document include:

  • Definition of the objectives and purpose of the records program
  • Description of the scope
  • Description of the key roles and responsibilities within the program:
    • The Records Manager and the responsibilities for that role
    • The Records Management Steering Committee and the responsibilities for that group
  • Describes how good Records Management practices will help the organization
  • Identification of rules or regulations that oblige the organization to maintain proper records
  • Description of the process for how records are created, maintained, and ultimately disposed or transferred
  • Describes general policies for the organization about Records Management that will form the basis for implementation of the Records Management program.
  • Description of the mechanism for how compliance with the stated policies are to be monitored and enforced

To be something that will be well received and backed by executives within the organization, the policy document should be relevant. It needs to be relevant, both to the organization's executives and to the goals and objectives of the organization.

Put the policy into practice

The records policy needs to be practiced for it to be of any value. It is a formal document that needs to be written in such a way so as to be flexible with the passage of time. The document needs to be reviewed frequently to ensure that it stays relevant, and the policy may need to be amended as a result of legislative changes or changes driven by technology or culture. Key stakeholders in the organization should be given the opportunity to review and contribute to the policy document as it is drafted.

Once the policy document is written, it must be endorsed by organization executives and senior management. For the program to be sustainable over the long term, it is mandatory that the program receive total support from everyone in the organization.

After receiving endorsement, the policy should be distributed throughout the organization or made available in an easily accessible location such as the organization's intranet website.

Once the records policy is endorsed and the Business Case has been approved, there is true cause for celebration. But keep the party small and manageable, since there is still much work left to be done. At this point, it's not too early to consider some orientation sessions with business units in the organization to start discussing the records policy. The system isn't in place for them to start working on just yet, but it's good to get people starting to think about the new records management program and the benefits that they can expect from it.

Summary

In this article we have covered:

  • Origins of Records Management
  • The preliminary investigation
  • Making the Business Case
  • Creating a records policy

Further resources on this subject:


About the Author :


Dick Weisinger

Dick Weisinger is Vice President and Chief Technologist at Formtek, Inc. and has worked for more than 20 years in the areas of content, document, and image management. His career spans many projects and organizations and he has contributed to software solutions used for healthcare, finance, engineering, discrete manufacturing, and aerospace and defence applications. Dick is a regular contributor to the Formtek blog at http://www.formtek.com/blog on topics that include ECM, SaaS, Open Source, SOA, and new technologies.

Dick earned a Masters of Engineering Science in Operations Research from the University of California at Berkeley and a Masters of Engineering Science from Johns Hopkins University. Dick is an Alfresco Certified Engineer (ACE) and author of the Packt Publishing book Alfresco 3 Records Management.

Books From Packt


Alfresco 3 Business Solutions
Alfresco 3 Business Solutions

Alfresco 3 Web Content Management
Alfresco 3 Web Content Management

Alfresco 3 Web Services
Alfresco 3 Web Services

Alfresco 3 Business Solutions
Alfresco 3 Business Solutions

Liferay Portal 5.2 Systems Development
Liferay Portal 5.2 Systems Development

Liferay Portal 6 Enterprise Intranets
Liferay Portal 6 Enterprise Intranets

Alfresco Developer Guide
Alfresco Developer Guide

Alfresco 3 Enterprise Content Management Implementation
Alfresco 3 Enterprise Content Management Implementation


Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Resources
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software