Jan 31 2008

Records Management Rollouts

Know what's entailed to implement a system in your organization.
by

Bob Lorenz is a principal consulting manager and Cheryl Strait is an executive consultant at Robbins-Gioia, a management consulting firm serving government agencies and FORTUNE 500 firms.

Selecting and implementing electronic records management requires collaboration across your organization. Staff from each department must work together to identify requirements for a records-management system.

As you embark on the initiative, there are many factors to consider. What follows is a blueprint for shepherding the project from the nascent planning stages to fruition.

Once you’ve determined what your organization needs from a records-management system, carefully identify possible risks associated with some knowledge-management practices. The potential for mismanaged records and lack of record security could create problems for state or local governmental organizations in the future. Some records may be saved in a format that allows them to be altered, raising questions about their integrity. In fact, the unstructured nature of some records can impair an agency’s ability to comply with its own record-retention policy.

Looking to the future, leadership must also consider corporate knowledge retention by estimating the percentage of the organization’s staff that is new at any point in time because of turnover and/or growth. This information will help inform a reliable method of finding the records created today.

When an organization begins the search for off-the-shelf products, it is advisable to select one that is Department of Defense–compliant, meets ISO requirements for records management, and is flexible enough to provide additional functionality in the future. Once a product is selected, an organization may consider using a third-party installer to quickly complete the implementation, leaving the internal IT group free to concentrate on its mission.

The cornerstone of technology implementation is solid configuration beforehand. Preparations begin by defining what the system will include, what will be required as output, and what processes will be used to manage different types of records. These discussions will lead to the identification of business processes that will drive system functionality. One outcome of these discussions will be the identification of interrelationships between data, processes, and system-configuration requirements. At a more detailed level, it will be necessary to define which records are to be filed in which category and subcategory for each of the different record types.

Record and document properties must be well-defined for the entire organization. These properties are the foundation for all aspects of the system. Evaluate properties for their significance to the users and for how they will aid in the search for records. Properties will limit the search capabilities if they’re not specific. On the other hand, too many properties can be burdensome, so system designers must weigh the value of given properties. When it comes to system configuration, the more complete and thorough the planning, the more likely the system will meet expectations. Without the detail, the configuration process will get bogged down with a tremendous amount of reworking, requiring constant effort to continually update the system.

As a records-management application is configured for each department or service organization, functionality and record-access permissions must be tested and verified. In many instances, access to record content is limited to a select group of users or an individual user based on sensitivity and confidentiality.

The most common user interface is Web-based and intuitive. This interface will typically include access to records and contain templates for entering records into the system. Check and verify all user functions on the access page based on the role of a particular user, testing each role to validate access to functional actions, record property access, and document content access.

Access roles for typical users may include conducting record searches and adding records or documents to the system using templates, electronic ingestion applications, or Microsoft Office integration tools. These entry methods should be intuitive and provide for necessary, meaningful record metadata. Additional functionality — such as modifying record properties, moving records from one category to another, searching for and retrieving records based on description or property values, or downloading documents — must be validated to ensure the system is working in accordance with business requirements.

The role of record coordinators may include functions such as moving or reclassifying records; changing record property values; and initiating and executing scheduled destruction of records or retrieval of records based on litigation hold criteria.

For records administrators, access should include that for typical users plus the ability to reclassify records; change disposition requirements; and create new record categories, properties, and classes. Additionally, records administrators must be able to run system reports, such as usage, audit information, and disposition action summaries.

With the system-access roles verified, the next step is to test the record classification and ingestion function. As staff enter records into the system, ensure that those records are:

  • classified with the correct record and/or document class;
  • populated with correct data, such as the date the record was created, identity of he record owner/creator, the system entry date, and business unit–specific properties;
  • filed in the correct record category;
  • identified as to their disposition;
  • accessible only to authorized users;
  • secured in such a way that they cannot be altered or modified.

If the system has been configured to audit specific actions or functions, these must be validated. Organizations may wish to monitor actions, such as record entry, record destruction, or content access; and configure auditing to measure and ensure compliance with records policies and retention requirements.

Testing of the various system elements can be extensive, based on the complexity of the application and business requirements for an organization. Each element must be tested to ensure not only its functionality but its adherence to the business practices and needs of the government organization. Overly complex processes will diminish use of the system — but overly simple ones may not meet record metadata and retention requirements.

Complex technology implementations are not easy to undertake, and there are no short cuts. Staying objective, focused, realistic, and structured will help an organization successfully deploy new technology and realize efficiencies associated with effectively managing its electronically stored records and information.

Related Articles

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now