James McGovern and Jesse Wilkins have recently been exchanging a few thoughts regarding Records Management. It has been an interesting discussion and it can be an educational read for those that are trying to learn more about Records Management. I thought I would look at what they had written and add my two cents.
Why Records Management Matters
James starts by posting a clarification to an earlier post he had made. He defined RM with the 20 year old definition focused around paper. There is nothing strange about this. Many people involved in the RM process today do the same thing. They look at a piece of paper and think permanence. They don’t think about the fact that paper, if not adequately protected and preserved, turns into dust.
James places the priority of RM down around 996 on his list. I’m sure that his legal department places it a little higher. To be fair, in a proper environment, RM shouldn’t necessarily be the concern of an Enterprise Architect. Every piece of content should be captured and preserved by the RM functionality of the ECM system. James should care that the ECM systems that his business users need to meet their requirements, which should include RM, fit into the overall architecture.
Jesse replied and tried to explain how RM is important and is beyond paper. He does a good job of hitting all of the high points. Unfortunately, James is starting from way back on the learning curve on this one. A lot of the foundational knowledge that Jesse and I take for granted isn’t part of his baseline. Of course, James usually works to cure ignorance, so it isn’t a problem.
Records Management and Retention
James states that there is no common definition for Records Management. He is right and wrong. There are several definitions, but they all have the same goals.
- You have a definitive record when you need it.
- You know who has touched the record.
- You can find the record when you need it.
- If you destroy the record, it stays destroyed.
- Prove all of this in court if needed.
Now, there are many more requirements, and I’ll leave the details to folks like Jesse and Andrew. However, that is the 10,000 foot view. If you go higher, it is all about CYA. As any RM expert will tell you, RM is more about defining your rules and policies, and how to enforce them, than about the technology. Many vendors provide RM features. Jesse mentioned only some big boys. There are legitimate smaller players, but not any mentioned by James. Why? DoD 5015.2.
This standard for Electronic Records Management was first just defined for use in the U.S. Department of Defense. It then became the standard for the whole U.S. government. Many commercial entities require their Records Management products to be compliant. Why? CYA. It is a simple way of showing that you picked a product that could meet the corporate RM requirements without having to just take the vendor’s word for it. (There is a certification process)
Enter the ECM Platform
As mentioned above, RM capabilities should be built into any ECM platform. While not every organization needs full-blown RM capabilities, retention policies, the automatic assignment of them, and final disposition needs to be a built-in part of the platform. I believe all, and I am open to correction here, ECM vendors charge separately for retention and RM functionality, if they even have it split into two products. EMC has two products, Retention Policies Services being a subset of RM, and charges for them separately.
I can see the need to charge extra for RM functionality as it incurs certification costs and a lot of overhead. It also isn’t required by every organization. RPS should be a core piece of functionality. Most companies need it in their stack. they just may not have realized it yet.
Many people will still go with RM as tracks those paper records that James mentions and people still need CYA. However, it can lead an organization down a rabbit hole if they look at two products, RPS and RM, and pick the term Gartner uses to define the problem.