Agenda. You are not in the business to manage records



Similar documents
Real World Strategies for Migrating and Decommissioning Legacy Applications

Functions & Importance of a Strategic Business Plan

Breaking Down the Silos: A 21st Century Approach to Information Governance. May 2015

Information Governance Manage in Place Use Cases Workshop

Successful Implementation of Enterprise-Wide Information Governance

TERRITORY RECORDS OFFICE BUSINESS SYSTEMS AND DIGITAL RECORDKEEPING FUNCTIONALITY ASSESSMENT TOOL

Fundamentals of Information Governance:

R Scott Murchison CRM

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Implementing Information Governance: A Best Practice Approach to Enable Compliance and Reduce Costs & Risks

Implementing Enterprise Information Governance: A Practical Approach

What We ll Cover. Defensible Disposal of Records and Information Litigation Holds Information Governance the future of records management programs

Information Governance 2.0 A DOCULABS WHITE PAPER

ECM: Key Market Trends and the Impact of Business Intelligence

SAME PRINCIPLES APPLY, BUT NEW MANDATES FOR CHANGE

Information Governance Challenges and Solutions

Director, Value Engineering

Breaking down the barriers to cloud-based records management

Special Report: ROI of Records Management for Legal Discovery

How To Improve Your Business

Governance from the Cloud. threat protection compliance archiving & governance secure communication

Reduce Cost, Time, and Risk ediscovery and Records Management in SharePoint

Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff

How the Information Governance Reference Model (IGRM) Complements ARMA International s Generally Accepted Recordkeeping Principles (GARP )

Records Management and SharePoint 2013

How to Manage Your SharePoint Cloud Based Business

ARMA CENTRAL IOWA APRIL 25, 2013 MAKING THE BUSINESS CASE FOR INFORMATION GOVERNANCE: MORE CARROT, LESS STICK

Cohasset Associates, Inc. NOTES Managing Electronic Records Conference 1.1. The discipline of analyzing the. Value Costs and Risks

Approved by: Vice President, Human Resources & Corporate Resources and Vice President, Treasury & Compliance Date: October 14, 2009

Information Governance: How to Assess Your Status

Containing Future E-Discovery Risk and Cost: The Impact of Electronic Records Management Systems

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management

Gain control over all enterprise content

Defensible Disposition Strategies for Disposing of Structured Data - etrash

Compliance Requirements and Social Media Usage: FINRA and SEC

Brochure. ECM without borders. HP Enterprise Content Management (ECM)

A Practical Guide for Creating an Information Management Strategy and Strategic Information Management Roadmap

ILM et Archivage Les solutions IBM

From Information Management to Information Governance: The New Paradigm

RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management

Managing Electronic Records. Methods, Best Practices, and Technologies. Wiley CIO

a Legal Project Management Consultancy Plan. Resource. Realize.

Certified Information Professional 2016 Update Outline

Information Governance, Risk, Compliance

Applying Technology to Information Governance. Bennett Borden, Drinker Biddle Cathleen Peterson, Kroll Ontrack March 26, 2015

Information Lifecycle Governance. Surabhi Kapoor & Jan Lambrechts

Tactics v. Strategy: From Records & Information Management to Information Governance

State of Florida ELECTRONIC RECORDKEEPING STRATEGIC PLAN. January 2010 December 2012 DECEMBER 31, 2009

Solving Key Management Problems in Lotus Notes/Domino Environments

Information Governance

Realizing the ROI of Information Governance. Gregory P. Kosinski Director, Product Marketing EMC

Preparing for. Helen Streck Records Management Consultant

Electronic Records Storage Options and Overview

Gain Efficiency, Cost Savings and Compliance with Iron Mountain s Portfolio of Services

Management and Litigation Risk Management

Document Management and Records Management in SharePoint Scott Jamison

Information Governance Workshop. David Zanotta, Ph.D. Vice President, Global Data Management & Governance - PMO

White Paper: Enterprise Compliance Management

Proposal No. P16/9921 Records Management Platform

Information Governance: A new way of doing business? Or just a whole lot of hype?

BETTER RECORDS MANAGEMENT

Developing a Records Retention Program

Only 1% of that data has preservation requirements Only 5% has regulatory requirements Only 34% is active and useful

Meaning Based Computing: Managing the Avalanche of Unstructured Data

Record Retention and Digital Asset Management Tim Shinkle Perpetual Logic, LLC

Technology Implementation for Law Firms and General Counsel Offices

Using Enterprise Content Management Principles to Manage Research Assets. Kelly Mannix, Manager Deloitte Consulting Perth, WA.

INTRODUCTION. Ryan White, Vice President of Business Development, DTI Integrated Business Solutions

EMC SourceOne Management and ediscovery Overview

Metrics-Based Information Governance

First Annual URIM Conference January 28, 2015

Save money and stay in. compliance. Know. what you have, keep. what you must, eliminate. what you should.

State of Michigan Records Management Services. Guide to E mail Storage Options

RECORDS MANAGEMENT POLICY

Terrence Coan, CRM - Baker Robbins & Company 1

How To Manage Cloud Data Safely

The Next Frontier. for Records Managers. Retention and Disposition of Structured Data:

DOCUMENT RETENTION STRATEGIES FOR HEALTHCARE ORGANIZATIONS

Considerations for Outsourcing Records Storage to the Cloud

Information Retention and ediscovery Survey GLOBAL FINDINGS

IBM Unstructured Data Identification & Management An on ramp to reducing information costs and risk

A 15-Minute Guide to 15-MINUTE GUIDE

COMPLIANCE BENEFITS OF SAP ARCHIVING

10 Steps to Establishing an Effective Retention Policy

98% 22% RM-Speedy [03] Sven Hapke IBM Deutschland GmbH. From Records Management to Information Lifecycle Governance

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline)

XBRL & GRC Future opportunities?

WHITE PAPER. Deficiencies in Traditional Information Management

The Legal Advantages of Retaining Information

RECORDS AND INFORMATION MANAGEMENT AND RETENTION

CA Message Manager. Benefits. Overview. CA Advantage

Donna G. Rose, CRM Global Records Manager Apache Corp May 6, 2010

Information Governance

Guide to Information Governance: A Holistic Approach

How To Transform It Risk Management

IRMAC SAS INFORMATION MANAGEMENT, TRANSFORMING AN ANALYTICS CULTURE. Copyright 2012, SAS Institute Inc. All rights reserved.

Transforming Information Silos into Shareable Assets through Automated Content Conversion

Business Resiliency Business Continuity Management - January 14, 2014

How To Manage Records In A Cloud

White Paper. Enterprise Information Governance. Date Released: September Author/s: Astral Consulting.

Transcription:

Global Records and Information Management Risk: Proactive and Practical Approaches to Effective Records Management September 16, 2014 Maura Dunn, MLS, CRM Lee Karas, MBA Agenda Drivers for your Records and Information Management (RIM) program Developing Key Performance Indicators (KPI) and metrics KPI monitoring Identifying and evaluating risks RIM program implementation planning and approach 2 You are not in the business to manage records Records must support the business you are in Proactive records and information management (RIM) increases competitive advantage and optimizes costs 3 1

Let your business drive your program priorities Technology advances Web 2.0 technologies Data breaches Mergers, acquisitions and divestitures Information systems integration Liability Risk Transition Global operations and expectations Litigation Economic instability Shareholder demands Budget constraints Regulation Privacy Litigation Technology 4 Link your RIM program goals to your organization s drivers Decrease litigation response costs Manage information proactively from creation through preservation and disposal Optimize costs through increased storage efficiency and timely destruction of unneeded information Increase competitive advantage by capitalizing on information assets Increase organizational efficiency through timely access to information Minimize impact on staff, automated capture and deletion of information wherever possible Increase efficiency and consistency, decrease cost in your business processes Create a culturally aware program for a global organization Allow flexibility within standards Comply with global regulatory and legal requirements Increase capacity for storage through Cloud computing 5 Determine how the RIM program supports the business Review the processes within your RIM program Declaring records, archiving records, managing legal holds, etc. Identify the primary goal of each RIM process Comply with legal requirements Manual, inconsistent processes for storing and dispositioning records Minimize cost Time and cost associated with storing duplicate and out-of-date information Time and cost associated with searching for or recreating needed information Increase productivity Multiple copies and versions of the same document Difficulty in locating the correct document when needed Incorporate aspects of the Generally Accepted Recordkeeping Principles to further define the goal of each process 6 2

Now you have the goals, it s time to implement 7 What are key performance indicators? Key Performance Indicator (KPI) A measure of progress toward an organization goal Metric An individual data point measuring one aspect of an organization s performance A single KPI may comprise one or more metrics 8 How do I know what KPIs are right for me? 1. KPIs must be concrete and clear KPI: Increased program awareness/understanding Metric: Number of employees taking RIM program training 2. Choose KPIs that measure the positive impact of RIM on the business KPI: Decreased hardcopy storage costs Metric: Number of boxes destroyed in accordance with records retention schedule (RRS) Metric: Number of boxes shipped to offsite storage KPI: Increased control of electronic documents Metric: Number of electronic documents stored in ECM Metric: Number of electronic documents tagged for retention Metric: Number of electronic documents destroyed IAW with RRS 3. Choose KPIs that measure how RIM mitigates risk KPI: Decreased cost/time to respond to ediscovery / other requests Metric: Cost of information collection, production Metric: Response time 9 3

Monitor KPIs by gathering operational metrics Metrics should be easy to gather Automate data gathering through electronic systems Utilize sampling to capture user-driven metrics KPIs should be directly mapped to the metrics Develop a system (spreadsheet, database) to capture, analyze and present KPIs / metrics Develop a dashboard to communicate meaningful status to senior leaders 10 Effective compliance monitoring includes active, ongoing risk assessment Risks change over time For example Y2K SOX Compliance Federal Rules of Civil Procedure Dodd Frank Cloud Computing Global Privacy / Security 11 Effective compliance monitoring includes active, ongoing risk assessment Group organizational risks by dimension Risk Dimension Privacy Regulation Litigation Technology Risk Item(s) Security surrounding consumer, customer and employee data Concerns about protecting employee data in order not to precipitate any harm to them Requirements for records creation and retention Potential fines, operational impact due to an inability to demonstrate compliance with relevant regulations Increased vigilance over email and storage processes Potential fines, sanctions for spoliation, failure to produce Potentially damaging information that could have been destroyed Availability of cloud storage 3 rd party hosted applications Proliferation of mobile devices 12 4

Effective compliance monitoring includes active, ongoing risk assessment Prioritize risks based on impact, probability and tolerance Risk Aspect Assessment Impact What is the cost / damage that would result were the risk to occur? Probability How likely is it that the risk will occur? Tolerance How tolerant are you to the potential cost / damage represented by the risk? 13 Develop a RIM action plan to address risks Tolerance + Probability determine risk mitigation priority Probability High Low Do Something Further Analysis Further Analysis Do Nothing Impact of Risk Policy Process Reaction Technology Low High Tolerance Level Impact drives reaction 14 Actively manage, improve your RIM program through KPIs and metrics Monitor the day-to-day performance of your program through the use of detailed metrics Issue: The rising cost of office space across the firm has made storage of inactive material in office space unacceptable KPI: Percentage of office space used for records storage must be reduced Result: Hold quarterly office clean-up days instead of annual Utilize KPIs to report to management or request funding to address chronic / emergent issues Issue: The firm s new acquisition has dramatically increased the potential for litigation and you still do not have an effective litigation hold policy KPI: The total cost of the records program is a much smaller percentage of the potential cost of damaging litigation / sanctions Result: Leverage the increased risk to fund the litigation hold policy project to reduce the potential cost of damaging litigation / sanctions 15 5

Risk mitigation priorities and impact define the implementation approach Software selection PHASE 1: Business Unit Preparation Assess current content repositories Validate function / processes / record categories for business unit Validate records owners according to processes Determine business units with single processes and workflows Collect requirements for workflow, records management and retention management PHASE 2: Design Assess infrastructure needs Design system, including workflow and RM functionality (retention and disposition properties) Support email management, ediscovery and Legal Hold processes Support ERP, BI, HRIS, other applications archiving / disposition initiatives RISK EXPOSURE Year One Year Two PHASE 3: Implementation Conduct regular meetings Update Policy, Standard Operating Procedures, Guidance Documents Assess backfile (hardcopy, electronic) Train, train, train Out Years 16 Your RIM program should address people, process and technology Policy Process Data Content Applications Sample RIM Framework 17 17 Implementation may take several years; break it into manageable chunks PLAN BUILD IMPLEMENT REFINE Visioning Strategy Change Management Roadmap Framework Organization Policy Taxonomy Retention Schedule Enterprise Information Map Processes Technology Requirements Technology Selection/Decision Organizational Support Embedded Recordkeeping Technology Configuration Training Rollout Program Management Compliance Monitoring Refresh Additional Projects Backfile Migration Information Systems Update Employee Support Keep Everything Policy Process Data Apps Policy Process Data Apps Policy Process Data Apps Mature, adaptable RM program 18 6

Develop a detailed roadmap to guide implementation activities Year 1 Year 2 Year 3 Develop RM governance structure Develop change management plan Develop roadmap Conduct RM working group meetings Refine and implement training plan Refine and implement communications plan Update roadmap Refresh governance and records management organizational structure Refresh training Support ongoing communication Develop and implement ongoing Policy Develop / update RM policy Generate taxonomy, file plan and records retention schedule Develop policy framework Develop additional RM policies Identify vital records compliance monitoring Develop or modify and implement policies, as needed Develop vital records protection program Process Review existing process documentation Embed recordkeeping into business processes Refresh recordkeeping processes, as needed Data/Content Define unstructured data migration planning, including content inventory Execute unstructured data migration plan Refresh content inventory Applications Define structured data migration planning, including content inventory Execute structured data migration plan Embed recordkeeping requirements into IT change management process Develop records management functional requirements Develop software requirements to support records management Develop hardware requirements to support records management Evaluate and select software Size and set up hardware Implement software Refine RM functionality 19 Your RIM program needs to grow with you over time 20 Global Records and Information Management Risk: Proactive and Practical Approaches to Effective Records Management Maura Dunn, MLS, CRM President, TrailBlazer Consulting, LLC Maura.Dunn@trailblazer.us.com 610-659-6678 Lee Karas, MBA Executive Vice President, TrailBlazer Consulting, LLC Lee.Karas@trailblazer.us.com 312-246-2745 21 7

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information