Are Your Information Governance Policies Still Based On This? |
Since 2007, in spite of my best efforts, I have watched as
organizations lost control of their electronic data and struggled to implement
classification systems and other good information governance protocols. And yet, it might not be entirely their fault. I routinely see advertisements from
"expert" consulting groups that offer a “solution” for records and information management
based on the ancient approach of retention policies and schedules. This is like having a modern steel and glass
building and hiring a carpenter with wood and nails to help you
expand. The usual advice starts with
“the foundation” that includes a records plan or policy and then attempts to expand it to cover
electronically stored information (ESI). Why? Is it because existing records programs have
been performing so well? I doubt it. Ask employees at most organizations about the adequacy of their current records policy and you will receive the same response, “what
records policy?” So, if it really was not
working for paper, why would consultants suggest that you just update it to handle ESI? Classification and retention programs that achieved barely adequate to horrendous results historically with paper, are not going to work with your
expanding email, instant messaging, social media, and new media applications. How about an approach that will work?
A Radical Solution
Instead of “updating,” switch to a proactive
model. Fixing your existing data/record mess is very costly and time-consuming, if it can be done at all. I have seen many attempts at "remediation" come to a halt after those involved recognize the actual work involved. However, setting up a sound program for new applications and technology,
is easier. Notice I said “easier” and not
“easy.” But, if you take the time to do
this at the outset, as new applications are deployed, it will give you two huge benefits. First,
you will stop making your problem worse while waiting for the all-encompassing
enterprise solution for your new and legacy data (hint, the all-encompassing solution is as rare as seeing Santa Claus). Instead, your new applications will have
retention and deletion policies that make sense and are more likely to work because they are
implemented at the outset. You avoid
having to change the procedures and peoples' habits later (we know how challenging that is) and now,
your organization will not be adding new "unmanaged" on top of your existing
"unmanaged" data. Second, you will be on
the path towards good information governance.
As each of your applications is upgraded or added to your network, and existing applications are
retired, the percentage of your important information that is properly governed
will increase. New email application in
the cloud? Migrating some workflows to
SharePoint? Adding a new database
application? Great! A simple taxonomy and retention plan can help your organization
separate the data into those items that need to be deleted quickly, slowly,
and those that will be retained as business records. Will it remediate the mess on your existing servers, overloaded with unstructured data and emails?
No. But who cares. If you had an easy and cost-effective solution
for your existing data, you would have already deployed it.
To
be fair, if your organization has been successful with a RIM program in the
past, and you have the technology in place to do so, then by all means, update
it to include new data sources and procedures.
If however, yours is like 95% of organizations, you will be better
served to begin addressing your information governance concerns one
application, one work-flow, one policy, and one procedure, at a time
1 comment:
Wrong title. Correct title would read "Skip Records Mis-Management and Start Mis-Governing Your Information" :)
Post a Comment