Records & Information Management (RIM) Risk: Is Your Company Exposed? March 19, 2013
Agenda Today’s Business Environment Risks of Today’s Business Environment What is Records/Information Management Approaches for Implementation Factors for Success Why Companies Fail Questions
Business Environment Staff are drowning in information – 90% of information is “born digital” with few controls to manage More use of technology – keep making records Information growth trends are continuing e.g. , drives, tweets, blogs, wikis, mobile devices etc., etc. More legislative requirements
Business Environment More litigation/discovery – ESI (electronically stored information) Limited resources – need to be more efficient Information creation is decentralized at the desktop – everyone’s a records manager today with little or no training
Risks Regulatory Compliance Litigation Data security and privacy Operational Inefficiencies Hardware and software obsolescence Reputational
What is Records Management
It’s all about IG Records/Information Management + Risk Management = Information Governance (IG)
? ? Required Components Audit Training Policies/Procedures Technology ECM Retention Schedule - Inactive records management Classification Scheme - Active records management Accountability
What You Need To Do Who’s in charge - accountability Need strong senior management support so staff know the initiative is important Need to “walk the talk” This is not a project but a lifestyle
What You Need To Do Know Your Records - Conduct an inventory What records exist? Where they are located? Format? How old are they? Official vs. transitory? How often used? Who is accountable?
What You Need To Do Develop Common Naming Conventions Provides an address for the records – where to store them Records are linked to the retention schedule by the classification scheme Ensures staff are using the correct terminology to name their documents so documents inherit the correct retention period
What You Need To Do Develop the retention schedule Appraise Records Operational Administrative Financial Legal Archival Vital Most records are NOT covered by legislation – so the business “owners” with legal and tax advice must make the decision as to how long to keep them
What You Need To Do Destroy Annually Outline records disposition policies and procedures as an established pattern of systematic document retention and destruction Annual systematic destruction process NOT when you get around to it Ensure no audits, government investigation or litigation pending Certificate of Destruction
What You Need To Do Training and Education Initial and ongoing training for all employees Don’t forget about new hires – develop a process with HR Training should include at a minimum Records Classification – in which “bucket” do they fit Purpose and importance of a retention schedule Risks to the organization for not following it Official v.s. transitory records Transfer to offsite storage Destruction practices Legal hold practices
What You Need To Do Auditing & Monitoring for Compliance Staff need to know this is as important as a financial audit – consequences for non compliance Internal audit to include records management practices Provide to departments an ‘audit findings’ report on records/information management compliance
Critical Factors for Success Senior Management Support Change Management Strategy Commitment to Continuous Improvement Responsibility and Accountability Pace of Implementation: Phased Approach Maintains Momentum Success Measurement and Demonstrated Success Training / Auditing / Reporting
It’s more than purchasing technology No leadership support Lack of communication WIIFM Theory No accountability/ownership Why Companies Fail
No support – help desk needed to answer rim questions No consequences for non-compliance Technology too complicated integration - automatic delete policy Why Companies Fail
What information is retained? Where it is stored? How long to retain it? How that data is protected? How polices, standards & regulations are enforced? RISK & RIM – Do you know?
Success = Accountability/Ownership
Thank You! RIM Inc. Caroline Werle (416)