Records management…winning!
Last post I was the records management bad cop, calling out the fact that RM at most organizations is failing, i.e., we’re not able to retain and dispose (especially dispose) of records according to the retention schedule across paper and electronically stored information (ESI) in all our repositories (especially shared drives, hard drives, and personal shares).
And while I enjoy dishing out fire and brimstone from my virtual bully pulpit as much as the next pundit, I’d rather be providing some constructive advice on how to avoid hellfire and, if not to reach the promised land, at least to make it to RM purgatory.
With that in mind, I wanted to walk through a framework that does double duty: on the one hand it allows organizations to gauge their RM maturity, and on the other it helps them structure the work they need to do to raise their overall RM maturity level.
Step by step
The figure below lays out this framework, which breaks out the continuum from immature to mature into four levels.
Figure 1 – Records Management Maturity Continuum
The framework measures maturity against three criteria:
- The nature of the repository records reside in
- The nature of the RM metadata on the records
- The ability to enforce RM retention and disposition on the records
So ,in level one, for example, you might have records in a shared drive, which is an unmanaged repository, with no metadata indicating what their retention is and no way to systematically enforce retention and disposition. This is the lowest level of maturity for obvious reasons.
In level two, the records have been moved to a managed repository, for example SharePoint, IBM P8, Documentum, Open Text, or OnBase, but RM metadata hasn’t been applied and therefore systematic retention and disposition isn’t possible.
In level three, the records in a managed repository have been enriched to include RM metadata, but despite that, retention and disposition are not yet being systematically enforced.
In level four, aka Nirvana, the records in a managed repository not only have RM metadata, but retention and disposition are being systematically enforced.
I might also add that you’ve likely got as good a chance of reaching level four given current conditions as achieving world peace, getting pigs to fly, and or freezing over hell, because level four, at least given current enterprise content management (ECM) and RM technology as well as the event-based bias of most RM regulation, is a bit of a stretch for the vast majority of organizations out there. I’d say that with any luck and all other things being equal, you’re at least five to seven years away from the attainment of level four—and it may be more like seven to ten years given how slowly we’ve seen RM technology and process evolve over the last decade.
Do what you can
But despite that gloomy prognosis for reaching level four, there is good news: every step you move to the left of the continuum is a huge gain for your organization, and the value you gain in the move from levels one and two to level three is at least equal to (if not greater) than what you gain in the move from three to four.
So the most important thing to take away from all this is that incremental improvements to how you manage records in your document repositories will have a bigger impact than you might think. Right behind that is the fact that this framework can be used both to help you keep an eye on the end game while you’re making incremental gains across the organization as well as to communicate to stakeholders both your vision and the steps you’re taking to get there.
The final word
So much for the RM good cop overview of the framework. Next post, I’ll dig in a bit more and explain how you can use the framework in the trenches to help make your RM program more effective. But in the meantime, I’d love to hear from you all out there—call me crazy, share your own efforts to frame up RM maturity,…whatever. Just jump in and get the conversation started.
agile ramblings 
Very good. The only thing missing is risk/cost assessment which helps to keep us from looking like über, mandatory, line in the sand, “letter of the law” (where did I hear that before?), inflexible people. OK so not every hard drive or shared drive is reviewed each year. So? Oh and don’t try the scare word LITIGATION on me. Won’t work as I’ve been dealing with them for over 25 years of every type and level. Don’t even try litigation cost as internally we have the tools to scan stuff and we’d be doing it regardless so we are really talking pennies.
For the riskier systems, you need to put the mechanisms in place for folks to follow when the tech ability for using retention times, etc. stink. Which is most of the time especially where joined data tables make a record. Does your company have controlled self assessments and internal audits? If yes, get your RIM stuff in there. Does your IT operational groups have standard operating procedures they use throughout the year? Get review and disposal in them and your heading down the right path.
Most companies are not going to have the majority of their records in beautiful systems that handle retention times, disposal, litigation holds (yes 3-4 on some records), etc. You will have to find the avenues that create the right connection to the record from search to disposal to compensate for the lack of system pre-built tools/abilities.
Randy,
Totally agree with the risk/cost assessment and not being letter of the law compliance wonks who think compliance is a “no matter the cost” game. Bringing a level of practicality and TCO to RM compliance is the goal of the framework, so I appreciate the feedback.
And sorry for the delay in responding–not sure why WordPress didn’t ping me when you posted this…
Thanks for taking the time to jump in and share your thoughts.
Cheers,
Joe