Monthly Archives: December 2011

SharePoint 2010 and Department of Defense

As you might know, SharePoint 2010 does not have their records management solution certified with DoD 5015.2 standard. MOSS 2007 was certified, but with 2010 Microsoft decided not to go through the pains of getting their product tested and approved. There are multiple reasons behind this decision, but probably the most important is that certification requires substantial effort and time. Microsoft wants to focus on developing collaboration platform, leaving the more detailed compliance requirements to software partners.

But how important is this decision? In conversations with records management professionals I often hear the opinion- “who cares, DoD standard is military oriented with strict set of rules that most of organizations will never need”. They are right; probably most of organizations will never need that level of compliance. However, the point is somewhere else. The certification guarantees that the software product delivers all that the organization will ever need, and most probably delivers more – at least when it comes to the records management. The organization does not need to use all the features; however having such capabilities removes at least one of the concerns when selecting software product related to compliance.

For example – how executives in your organization would feel if they find out that SharePoint records management solution that you just implemented, does not guarantee irrecoverable destruction of records that passed their retention period? SharePoint out-of-the-box does not provide solution for expunging of records, after they are deleted. As you might know, there were several criminal cases where courts requested recovery of deleted files and specialized agencies were often successful in this task.  I am sure that some of the executives in government and large corporations would become quite nervous knowing that.

The bottom line is that SharePoint is a great solution for implementation of records management; however, the organizations need to take into account all the requirements across the organization. I mean all the requirements – not only those explicitly stated by records managers but also the implicit business needs. Some of these requirements will need to be fulfilled by adding additional, third party web parts or application services. This on the other hand, increases the total cost of ownership, so finding proper balance between requirements, planning and design is quite critical.

Lost cause in records management – convenience copies

I found some interesting facts in recent poll by AIIM “Records Management Strategies – plotting the changes”. As many as 48% of respondents said that although they were concerned of leaving convenience copies of disposed records at the end of their retention period, they did not have a solution in place to address it. It sounds like a paradox, from one side organizations spend millions to implement enterprise content management systems, and on the other hand they leave on the table the key benefits from implementation of such systems and processes. In another, related question, respondents said that their strongest business drivers for ECM, were related to compliance with legislation and industry regulations (45% and 35%), reduction of storage costs (42%), sharing of knowledge (36%) and improvement of litigation performance and reduction of associated costs (35%).  By leaving the convenience copies unattended, all the above drivers are not being addressed, often deluding organisation that they achieved their key objectives. Even if the ‘official records’ are disposed, the organizations are still not compliant with laws and regulations, the storage costs are not reduced, eDiscovery costs will be high as all information will have to be searched, and often the business decisions will be based on outdated information. The missing last step in information management strategy implementation undermines the organizational efforts. This might not be surprising as over 35% of respondents cited lack of board/C level commitment and lack of cross-departmental agreement on how to manage electronic records, as the key obstacle to implement information management strategies.

The lesson learned from this is that groups responsible for implementation of information management within organizations need to work continuously on marketing of ECM and building strong business cases based on hard, measurable benefits. Even if this is done, after the implementation, there must be ongoing effort to accurately monitor the key performance indicators and success criteria. The outputs of these measurements should reinforce the marketing messages, helping in getting required support.