Integrating ERM, RIRM, ECM, and Email Management Practices

Articles

Integrating ERM, RIRM, ECM, and Email Management Practices

By Joseph Andrew Settanni
Feb. 17, 2007

For trying to achieve an understanding of proper Electronic Document Management (EDM), Electronic Records Management (ERM), Records and Information Resources Management (RIRM) and Email Management Practices (EMP), one can profitably begin with the interesting consideration of the fact that, for instance, SAP and other enterprise-wide systems usually do not integrate well with most existing RIRM products. This is worth contemplating for reasons that ought to be obvious to those in charge of the IT and records related work going on in all corporations and agencies, various organizations, public and private, throughout the entire world.

Organizations, however, can save both time and money by sagaciously adopting proper methods involving: workflow, scalability, document management, content management, audit trail, compliance, advanced imaging capabilities, data warehousing, risk management, global information strategy, knowledge management, and digital document archiving and storage in appropriately secure data repositories.

Moreover, an email archiving or enterprise content management system is needed today by all major companies, especially in light of the amendments to the Federal Rules of Civil Procedure (FRCP) (effective December 1, 2006). But, RIRM is yet the significant foundation stone of any solidified achievement in terms of progressive and intelligent modern business realities concerning efforts, for instance, toward attempting true enterprise content management (ECM).

Methods and Procedures for ERM, ECM and RIRM

In general, unless a lucky situation occurs, there would be the requirement to deal with a bunch of tools that appropriately archive information/records within these systems and then, after that, seek to appropriate a sustainable ERM system that functionally integrates soundly with these aforementioned archive and other kinds of electronic records solutions.

This attempt typically will be dependent upon a variety of strategies that will be here dealt with, at length,in this discussion. In the beginning, it is fairly imperative to first decide on a clear strategy for correctly, effectively, and efficiently fulfilling the known demands of implementing electronic RIRM, besides ECM, which is known as a modular technology in that each part can be purchased without other components.

This can be done by using a comprehensive single source suite of products by working intelligently with a comprehensive kind of informed implementation plan with the needed assistance of an organizations¹s IT department or group.

Then, one also ought to develop and settle upon a solid framework of systems and to creatively integrate them, meaning, of course, with insightful ERM being a piece of the entire solution; this consideration, most likely, will tend to take in the broader scope and depth needs of more useful integration; but, the situation overall could end up creating a much better individual fit of the parts involved in the general solution itself, meaning such matters as proper collaboration, search, email tactics, RIRM, etc. And, RIRM must be always made definitely central to the proper implementation and management of any ECM solutions attempted; this helps toward achieving much tighter coordination for all ERM problems or, rather, challenges, as, among other highly skilled and trained professionals, Certified Records Managers understand.

Of course, needless to say, one ought also to work out a successful kind of corporate and enterprise-wide strategy to, thus, better help to further achieve the then hoped for degree of advanced and progressive success for that attempted deployment of an intelligent business-oriented strategy. Once the foregoing has been determined, then work can purposely begin on identifying the following matters that are inclusive of what concerns the entire context of the things that are needed to be done for any mission-critical, core business applications.

A careful kind of survey will have to be well conducted of all the electronic systems existing within the corporation or company. It will be the difficult task required of such an analysis to both critically analyze and keenly prioritize all the systems involved. As examples, various considerations must think through if they are really record systems or a flowthrough; also, it could be asked if whether or not they are vital records systems or business critical in nature.

Surely, company information can be anywhere: archives, IM, email, PDAs, databases, enterprise systems, desk tops, laptops, backup tapes, thumb drives, etc. About 20% of corporate executives, according to surveys, admit that they have used IM in business dealings, while, e.g., Blackberry use continues to rise; it is projected by the electronics industry, interestingly, that cell phones will come to eventually replace most use of PDAs.

Business professionals must, in addition, contemplate the matters of: data privacy, disaster recovery, information security, litigation readiness, records classification schemes as taxonomies, regulatory compliance, risk management, etc.

Further thoughts would, moreover, logically encompass many pertinent thoughts pertaining to who really are the records owners. The operating system itself and its exact nature must be considered, inclusive of the things involved with current purge or archive activities, besides trying to determine just how much data is actually contained in and throughout the system and its manifold workings; and, furthermore, if information is not properly added or integrated, what are the basic or fundamental risk impacts of the then utilized system? These are certainly critical issues that must be intelligently resolved for correctly using the best features of RIRM, ERM, and even for sustainable and credible EMP.

This type of full-featured analysis will assist, therefore, in deciding upon the particular type of practical and functional architecture needed for, among other objectives, prudently integrating the totality of data, records or information contained and maintained in various or, perhaps, multiple storage repositories in contradistinction to just a common one alone.

One can, therefore, utilize any data gained toward developing, when needed, the technical requirements of either a RFI or RFP and further decisions will relate better to what types of operating systems, formats, repositories, etc. that may be requiring much practical integration. Any tool (s) can then be appropriately purchased depending on the final ERM strategy determined and the cognate decisions decisions settled upon through the entire process, inclusive of ECM considerations, of course. A corporation will be better prepared, meaning especially its legal department, to face, for instance, the many new and challenging realities of the FRCP involving electronic records discovery to help create a ³litigation safe² environment if possible.

Email and Its Manifold ERM and RIRM Implications

One major subcategory of all the above is email that for many corporations has increasingly become, without a rational doubt, a mission-critical, core business application. Legal thought must be given to how and what is involved with email as actual business records having or possessing legal consequences; basically speaking, for every email, there are at least three evidentiary components of them taken as documents that informed lawyers and others are aware of increasingly.

These include the email on the sender's system with its logically associated content, fielded data and metadata that remains in that particular system; next, the email that crossed the concerned network , which could be, e.g., either a company intranet, extranet or internet itself; and, finally, the email as it was received by the recipient. A matter pertaining to what is called email threads can, moreover, raise difficulties involved from an arithmetic to a geometric kevel of complications.

While changing the situs of the email concerned in either the sender's or recipient's system will transform the fielded data and metadata relating to those versions of the email, however, it usually should not affect the content, fielded data, and metadata of the email that had, thus, crossed the network. The content and context of a document are both considered by lawyers and courts regarding its nature as to whether or not it is evidence.

This is especially the particular case with civil litigation where only the content and certain contextual information will be thought of as "material." Part of the situation to be confronted is that materiality is, thus, defined by the involved issues in the matter at hand. Therefore, the exercise of some foresight is critically needed concerning all of the potential legal threats to which a particular class of documents may be utilized or, for instance, into which an email will be archived, to further provide a determination of the material fielded as well as the metadata concerned.

Only any manifestly, clearly, immaterial changes to the fielded data or metadata that can be systemically explained will be logically held as properly legitimate to a defensible archive. The possible modifications or changes, in some cases, may be rationally necessary; these can include, e.g., such matters as possibly introducing hash-value metadata or, alternately, some other electronic signature to better insure authenticity and veracity; this may be an important internal procedure instituted by a corporation or company to more logically protect and defend its content as a matter of firmly established RIRM policy and ECM consideration as well..

Unfortunately, with the failure to correctly perceive the need for RIRM, too many companies still perceive and treat email as simply a class of general documents based on the narrow and narrowing IT perspective, often skewed budgets, and a false perception of business needs; thus, although content is highly important, the particular context of documents, meaning as records, is also not to be ever absurdly or unprofessionally neglected.

Once a mere ³document² (e.g., a draft memo or draft report ) enters the business stream at any point, then it becomes forever transformed into a record and passes well beyond mere document management and enters into the more solid realm of RIRM. The function of a record and not its mere media/format needs to rationally control, to logically govern, its retention period; thus, e.g., all email cannot be ever simply given a single retention period regardless of the different subjects contained, which would violate proper ECM principles and practices.

This is why the importance of email cannot be exaggerated enough because today about 95% of all information is now created electronically; this is while 75% or more of all business, according to industry estimates, is done through use of email. It is, certainly, not very surprising considering that 80% of corporate information is today retained on end user¹s PCs, with email now exceeding an often estimated 23 billion daily messages and growing rapidly year by year.

Need for Standards for Effective Work Efforts

Fortunately, many useful standards exist to help deal with electronic records issues such as: ANSI/AIIM/ARMA TR48-2004 Framework for Integration of Electronic Document Management Systems and Electronic Records Management Systems, ANSI/ARMA 10-1999 Glossary of Records and Information Management, ANSI/ARMA 9-2004 Requirements for Managing Electronic Messages as Records, ISO/TR 15489-2 Information and Documentation - Records Management - Part 2: Guidelines - Technical Report, ANSI/ARMA 5-2003 Vital Records Programs: Identifying, Managing, and Recovering Business-Critical Records.

DOD (Department of Defense) 5015.2-STD, the Design Criteria Standard for Electronic Records Management Software Applications, ISO (International Standards Organization) 15489, the new international standard for records management, ISO 23081-1:2006 Information and Documentation - Records Management Processes - Metadata for Records - Part 1: Principles, ISO 177799 Cyber-Security Best Practice Standard, The Sedona Principles: Best Practices Recommendations & Principles for Addressing Electronic Document Production, etc..

Employees and Access to Web-based Email

While it is necessary for business owners to have an informed awareness of all the various means of communication that corporate/company employees have, Records Managers, especially Certified Records Managers, must have an even more informed knowledge of what means exist. If so, a corporation¹s CEO, CFO, CIO, and other corporate officers ought to be working with their Records Manager to help think through requisite business decisions to permit or disallow various means of business communication that constitute actual business records, which means keeping in mind the aforementioned difference between mere documents versus actual records produced by an organization, private or public.

In general, some selective desktop access to the internet can be usually permitted by most small to midsize organizations/companies. Most larger organizations would be wise, however, to carefully want to filter which websites are allowed, and whether or not downloads or streaming media are to be permitted; and, even sometimes the degree of searches may need to be carefully questioned. Most people, of course, do utilize the internet for both various business purposes and much incidental personal use that is often permitted within some reasonable bounds.

Those corporations/companies that filter web access will, however, normally also make a decision about web-based mail. Additionally, many organizations allow external web-based access back into the institution's email system; this is so that many employees who are working at home or traveling can fairly get convenient access to their organizational email, besides the consideration of the widening proliferation of mobile devices that will , increasingly, present newer challenges.

Thoughts about the Blackberry

A Blackberry can, for instance, communicate in text in many ways, as through the company¹s desktop email system; this is by which one can receive and also send all work email through the firm's email system; through the Blackberry's own email address, if allowed by one¹s corporation or agency, such a device will have its own email address connected to the telecom provider.

Such things as PIN to PIN can exist: Blackberries have a unique identifier called a PIN. In addition, there is a messaging system that permits PIN to PIN text messages as well as allowing for PIN to PIN instant messages. Another feature is known as SMS messaging. This is the cell phone to cell phone text messaging possible that most people generally know about these days. Gmail gives people a downloadable email application used for the Blackberry. If one can install the application successfully, it is possible to get to one¹s Gmail account.

It is known that providers allow their users to have POP and SMTP access through use of the carrier's email system. The interesting implication is that if there is existing web access to one¹s various email accounts, it is possible to then set up the Blackberry to periodically poll email servers and deliver one¹s email to the Blackberry. It is also an important feature when email can be sent by effectively using external email addresses.

In those cases where an organization has not yet filtered internet access on the Blackberry, it is the case that one can usually access any of the various popular web-based email systems. For internet access, there are two main paths utilized; one is directly by use of the services of the cellular carrier and the other is through one¹s corporate system; these are set up at the system administration level, especially if a Blackberry Enterprise Server organizationally exists.

IM (Instant Messaging) has already been mentioned in connection to the PIN to PIN, meaning the IM Blackberry Messenger; of course, as other examples, Yahoo! Messenger and Google Talk also have such useful Blackberry applications, among others; there can, also, be internal IM systems that an organization may have, which can, therefore, be accessed by the Blackberry.

Thus, for instance, on a single handheld device, one can have the aforementioned access to at least 8 independent means of easily communicating in text. Every business should intelligently become aware of how many means of communicating are being utilized for business purposes by their employees and ought to possess an organizational written policy on how employees can use these messaging systems; the company¹s Records Manager, of course, ought to be always intimately involved in all such matters concerning ECM, ERM, and RIRM.

There is the consideration, moreover, that the corporation or firm should be properly monitoring when the communication of confidential information or personally identifiable information to business partners, customers, or even clients is to be permitted. Critical questions can be raised. Are there secure messaging capabilities? Are employees rationally prohibited from sending any truly confidential, proprietary, or, perhaps, privacy-sensitive information to possibly non-secure email addresses? Risk management is, therefore, involved here.

These are, certainly, among the many issues and challenges that help keep ECM, ERM, EDM, and, especially, RIRM exciting and intriguing topics for all information and records professionals now and into the future. Keeping up with the possibilities of the technologies existing and those to come will aid in achieving the rational business results wanted for effectively and efficiently achieving Enterprise Content Management; this is done, of course, by more fully applying Records and Information Resources Management in a holistic and rational manner for tighter integration of all corporate resources for the ECM needs. And, it is hoped, therefore, that this brief article may help a little toward such a requisite business goal.

------------

About the author: Joseph Andrew Settanni, CRM, CPC is a Certified Records Manager and Certified Professional Consultant with 30 years of professional experiencein data, archives, records and information management.

Email: mkeegan311@earthlink.net

Comment on this article here!

------------

All articles are EXCLUSIVE to Useless-Knowledge.com. Please link to this article rather than copying and pasting it onto your site (which would be unauthorized and illegal).