As you might know, SharePoint 2010 does not have their records management solution certified with DoD 5015.2 standard. MOSS 2007 was certified, but with 2010 Microsoft decided not to go through the pains of getting their product tested and approved. There are multiple reasons behind this decision, but probably the most important is that certification requires substantial effort and time. Microsoft wants to focus on developing collaboration platform, leaving the more detailed compliance requirements to software partners.
But how important is this decision? In conversations with records management professionals I often hear the opinion- “who cares, DoD standard is military oriented with strict set of rules that most of organizations will never need”. They are right; probably most of organizations will never need that level of compliance. However, the point is somewhere else. The certification guarantees that the software product delivers all that the organization will ever need, and most probably delivers more – at least when it comes to the records management. The organization does not need to use all the features; however having such capabilities removes at least one of the concerns when selecting software product related to compliance.
For example – how executives in your organization would feel if they find out that SharePoint records management solution that you just implemented, does not guarantee irrecoverable destruction of records that passed their retention period? SharePoint out-of-the-box does not provide solution for expunging of records, after they are deleted. As you might know, there were several criminal cases where courts requested recovery of deleted files and specialized agencies were often successful in this task. I am sure that some of the executives in government and large corporations would become quite nervous knowing that.
The bottom line is that SharePoint is a great solution for implementation of records management; however, the organizations need to take into account all the requirements across the organization. I mean all the requirements – not only those explicitly stated by records managers but also the implicit business needs. Some of these requirements will need to be fulfilled by adding additional, third party web parts or application services. This on the other hand, increases the total cost of ownership, so finding proper balance between requirements, planning and design is quite critical.
Recent Comments