Monthly Archives: February 2012

SharePoint – Records Center or In-Place Records Management?

Folder - records managementSharePoint 2010 brought some new capabilities but at the same time challenged the implementation teams with making some tough decisions. One of them is – how to implement records management. In MOSS 2007 – it was simple; the only possibility to achieve the functionality was through setting up Records Center site. In this case, for the content to be declared as a record, it had to be moved to separate storage area. SharePoint 2010 now offers In-Place Records Management – content that was declared as the record stays where it was originally, but the additional information management policies need to be applied to make sure it is immutable. Which solution is better? Which one should be chosen?

As expected there is no simple answer to this question – it depends. But once the decision is made, the organization needs to live with its consequences. The way back is costly and time consuming, it makes reversing the course usually unfeasible. So what are the pros and cons of either solution? The list below captures some of the key differences and their potential impact. Please note that some of the functionality was split to reflect the fact that business users and records managers are often driven by conflicting requirements – ease of filing, access, finding information and ability to collaborate for business users and ability to restrict access, protection and enforcing retention rules for records managers.

Feature In-place Records Center Comment
Retention Implemented through information management policies by content type. It might provide more flexibility in getting the rules more granular but at the cost of maintenance complexity. Simple – once record is placed in its bucket, it inherits its retention rules. Most of business users are not concerned by the retention; this is of primary interest to records managers. However what needs to be taken into account, if implementing in-place records management, the records lifespan might be longer than the hosting site. This creates potential problems with records preservation when the site needs to be disposed. This could lead to tendency to keep obsolete sites live, exposing the organization to legal and regulatory risks, and increased storage costs.
Security/Accessibility No ability to restrict access to records, the record maintains the same visibility across its lifecycle The content visibility and the ability to see its existence in search results can be restricted This could be a concern for records of sensitive nature especially in areas of HR, and Legal departments, or in case of mergers and acquisitions.
Findability of information – business user perspective Excellent, since records reside within their context in their corresponding libraries and folders Might be poor, since same content types reside in the same buckets. This category addresses primarily needs of business users – to locate quickly and easily the information. Since in case of in-place implementation, records are preserved at their source, it is easy to locate the information through its context. In case of the Records Center implementation, the key success factors are related to good governance policies, their implementation, as well as rich and good quality metadata.
Findability of records / eDiscovery – records manager perspective Usually good, though the search needs to span multiple sites Good since all records are located in Records Center, but eDiscovery will require search in both sites and in Records Center In case of Records Center good quality of metadata is important. eDiscovery of records in Records Center is fairly straightforward and quick, however since eDiscovery covers any content – declared as records or non-declared, it will not eliminate need of searching across all locations.
Ease of records management Complex since records are spread across various sites, libraries and folders Easy since records reside in central location with common sets of rules Managing records declared in-place might become messy. Strict governance and control of granularity of information management policies is required. The governance must include cases how to handle records if their survivability exceeds the site lifespan, as well as defining of who can un-declare or supersede records per site. Auditing of the records management and records reporting becomes more complex.
Ease of site management Complex – since sites contain both mutable and immutable content Simple – sites contain only documents that are not yet declared as records, or stubs to Records Center content Sites with in-place records management become more difficult to manage due to differences in how records and transitory documents are handled. Strict governance is required.
Ability to audit records More complex Simple Ability to audit records in in-place implementation depends on each sites audit policies implementation. There are no out of the box compliance reports available. Strict governance is required.
Administrative security By site administrators By records managers In in-place implementation, site administrators have ability to manage both transitory documents and records. This might not be desirable in case of organization in heavily regulated industries, where single responsibility for preservation of records resides with records managers.
Storage Transitory documents and records reside on the same storage medium Scalability could be easily ensured by placing records on separate storage medium In-place implementation might lead to increased storage requirements for both documents that are being actively collaborated and records that might be rarely accessed. Performance issues, security and organizational disaster recovery requirements must be taken into account (this is not the same as simple backups).
Declaring of Document Sets as records Yes No Current version of SharePoint does not allow for declaring Document Sets as records in Records Center

 

So how to determine which one is more suitable for given organization? There are several factors that will ultimately influence the decision, like:

–          Company culture – strict or more relaxed

–          How heavily regulated is the industry

–          What are the legal, regulatory and statutory requirements

–          Existing processes for handling records – is there already dedicated staff to manage records?

–          Business continuity planning requirements

–          Existing business processes – are document sets best suitable in the organization (this is weak point however, as I am sure that Microsoft is going to come with solution for Document Sets handling soon)

–          Information growth rate and proliferation of sites and sites collections

Decision on the method of records management implementation should not be taken lightly as it will have long term impacts on costs, change management, user adoption, governance, sites and records management, compliance and others. There is no easy way back.

Where is that tap?

Fortis records managementHere is the latest example of poor records keeping, and associated costs, as it happened last week in the area where I live – Ruptured Line not on maps: Fortis. In short – an excavator ruptured natural gas line, which resulted in evacuation of whole neighborhood, organizing and transporting residents to temporary locations, closed businesses, rerouting traffic, full presence of police, fire and rescue services. It took a while for Fortis – natural gas provider, to locate the leak and cut off the supply. Contractor was not at fault here – before digging, they checked with Fortis if there were any pipes in the area. After the fact, Fortis stated that the pipe was more than 40 years old and was not indicated on the map. I am afraid that in reality the pipe was on a map, as it was supplying gas to a building that does not exist anymore. Rather the problem was that Fortis was not able to locate the latest version of the map, and they based their excavations approval on outdated records.

The positive side of this event is that it should be fairly easy for Fortis to develop and approve business case for an improved records management system. One of the biggest problems facing implementation of information management projects is that they are always low priority, due to the intangibility of most of the benefits and risks. There is always something more important generating revenues. Documents and records management are mostly perceived as cost centers – until accidents like this happen. Fortunately in this case there was no further damage and nobody was injured. But definitely this is an opportunity to quantify the costs and risks in the business case and get the problem fixed. In this case – these will be the costs of the emergency services, evacuation, investigation, and problem rectifying and so on. Safety, Health and Environment risks will come on the top of priorities and let’s not forget about reputational risks – protecting the public trust, and the organization in litigation, would one follow. One door closes, another opens….

Is Email on its way out?

Recently I read some predictions that the email is an idea of the past and eventually is going to vanish. Although I do not agree with this statement in its entirety, there is some merit in this way of thinking. Email might soon share the same fate as the phone (not to mention epistolography – does anybody still remembers the art of writing letters?). On a forefront of this new development is Atos – I think the first organization that officially banned the use of emails replacing them with more collaborative tools. They must know what they are doing after all this organization is pretty large with 42 offices around the world and 74,000 of employees. As a matter of fact, couple of years ago I worked for a company with over 25 offices across the world and the instant messenger was our primary contact tool. With rapid eruption of social networking technologies, the near real-time collaboration and the cloud platforms, the importance of emails is going to diminish. As Atos CEO said, on average their employees were getting 200 emails per day, from that only 10% was useful, and middle managers were spending 25% of their time searching for information. From my personal experience, this sounds right.

On the other hand the social technologies bring new challenges from point of view of information management – like for example – how to treat them as records, how to deal with their retention, how to retain the knowledge. The bigger challenge however is personal productivity, if everyone is chatting with everyone; then they have no time to do any work. This type of collaboration cannot be replacement for ability to store, search, find and use the information. So information management is becoming now even more important, before the big wave hits destroying the efficiency instead of enabling it, the workers must know where to find the information, and have easy access to it, rather than trying to find it by chatting. This is the point where the email has advantage, with tools like Outlook – the search is quite simple and it is easy to associate the content with its business context. The governance has a key role to play here, on one of our recent programs we implemented a policy to block 50% of time to focus on the work that was planned, including collaborating ‘within’ the teams, and devoting the rest of the time to coordination with other teams, planning, meetings, answering emails, administrative work and so on.

Overall, no doubt – while our world is changing dramatically when it comes to communication and collaboration, our information management strategy and governance needs to adjust accordingly.