Links

Gentle readers:
Despite the fact that months have passed since my last post, my quill and inkwell have been busy.
Watch for upcoming publications:
1) My review of the ARMA International conference to appear in KM World
2) "GARP in the Real World" to appear in the Jan/Feb issue of Information Management
3) An exploration of "Retention" at InformationManagementCompare.com

Most of my other work cannot be reprinted here for copyright reasons, but here are some links.

• Long-term storage of digital records is discussed at http://www.kmworld.com/Articles/Editorial/Feature/What-should-you-do-to-preserve-records-with-a-long-life-cycle3f-70065.aspx
• Lessons learned from a hospital's lost records is at http://www.informationmanagementcompare.com/453-Articles/449-Lessons-Learned-the-Hard-Way-What-you-can-glean-from-the-misadventures-of-an-East-Coast-hospital/
• Problems arising from the new federal requirements for digital health records are at: http://www.informationmanagementcompare.com/453-Articles/232-Explosive-Healthcare-Informatics-Challenged/

If these long URL's are a problem (personally, I don't mind copying and pasting) please leave a comment to that effect below, and I will supply Tiny URLs in the future.

Thanks for your interest, and as always, stay in touch,

Gordy
ghoke@mindspring.com

Last Limerick of GARP -- Disposition

Chimerical search for stability
By keeping all docs is futility.
The records we keep
Can bury us deep.
Not assets? Then they're liability.

Managing Records with Technology

In 1989, companies called their computer departments MIS – Management Information Systems. According to Wikipedia, the term arose when computers first analyzed vast amounts of business information and reported it to corporate leadership in a meaningful, revealing way. It was common parlance, at least through the mid-1990s.

Today, one rarely hears of MIS. The accepted jargon is “IT”, or Information Technology. When Keane Inc. advertises “We get IT done”, no further explanation is required.

This evolution from MIS to IT may be merely a matter of nomenclature, but I suspect there is significant substance. When computers first proliferated throughout American businesses, starting in the 1960s, they were enabling tools. The first word processors were extensions of the electric typewriter. Spreadsheet software automated accountants’ paper work sheets. Computers and their programs formed workbenches to get traditional jobs done better and faster.

In the same way, Management Information Systems were tools. They helped business leaders make intelligent decisions by manipulating data in ways previously unattainable. Under MIS, data warehouses and data mining extracted useful, perceptive reports. Managers still guided their businesses at a very granular, tactical level. The new tools helped them do that better, quicker and more reliably.

Somewhere on our way to the Millennium, this situation evolved. Computers got better, faster, and cheaper, and software designers addressed a growing number of business processes. They wrote programs that automated more and more tactical decisions.

Businesses’ nature changed. Whenever there was severe economic pressure, such as the recession of 1992, the middle managers responsible for tactical decisions got pink slips. They weren’t needed any more, their responsibilities taken over by computers. Organizational hierarchies flattened. Computers made tactical calls, leaving the big cheeses (sans secretaries) to make the strategic decisions.

Concurrently, MIS became IT with the emphasis on technology more than management.

How does this apply to Records & Information Management?

We are a bit late to the party. From the 1960s to the 1990s, when general business went digital and document workers pursued the “paperless office”, records managers persistently plied their paper-based profession. RIM prophets sounded the clarion, but for a variety of reasons, few practitioners responded until the middle of the last decade.

In 2010, RIM automation may be analogous to the state of general business computing in the 1980s. Software automates the tasks, but not the management of records. RIM administration remains labor intensive.

In the future, software may analyze content, compare it to laws/regulations, evaluate usage patterns, and create reliable retention schedules, all automatically. Recent releases of contextual analytics point in that direction.

But for now, management is still a major part of RIM, and our tools are MIS. We’re not ready to abandon that to IT, just yet.

The Limericks of GARP -- Retention

Did you know that GARP's point of Retention
Deserves a lot more than mere mention
Retention brings plaudits
Right after the audits
Avoiding both guilt and detention

The Limericks of GARP -- Availability

The lack of files' availability
Can lead to a loss of civility:
"I wait such a while
For every damn file,
I want to shout, 'It's all futility!'"

The Limericks of GARP -- Protection

Because of GARP's call for Protection
We gave CD-ROMs a rejection
Their quick degradation
Before regulations
Expire, brought film's resurrection

GARP Integrity

The third part of GARP is Integrity
It's much needed in Washington D.C.
Where bills' metadata
Reveals the stat-a
The Records and pols authenticity

Philology from Philadelphia

In Philadelphia, Info360 (neé AIIM expo) opened and closed last week with minimal impact. Often a launching pad for emerging technologies and a listening post for industry trends, this version was most notable for what wasn’t there, especially from a RIM perspective.

First, the asset side of the ledger:
Microsoft SharePoint 2010 dominated the show floor with a generous partner pavilion and a large, accessible bank of laptops for group “immersions” and individual exploration. The mock case study showed at least some of Redmond’s expanded RIM functionality
Cloud computing vendors provided second-level saturation, proclaiming the advantages of their tools while trying to assuage buyers’ fears
The show’s small footprint allowed a thorough viewing with minimal loss of shoe leather
EMC, HP and Oracle presented credible displays. In terms of RIM, their common theme was, “We speak SharePoint, too.”
The concurrent, adjacent OnDemand trade show gave AIIM attendees the chance to explore the hardware side of RIM
OmniRim proffered their paper-based solution’s integration with SharePoint

On the other side, some major vendors seemed scared off by Microsoft. For example:
IBM limited itself to a kiosk in the SharePoint pavilion -- barely mentioning Contextual Analytics, its potentially game-changing technology announced at ARMA last October
Open Text claimed only a 10’ x 10’ booth near a corner of the show floor, and the booth person who addressed me did not speak RIM

As Gimmal Group’s Mike Alsup commented, it felt like a throwback to 1995. Capture was a major theme, and many of the new, small vendors who populated the 10 x 10s on the periphery showed document management technologies. Plasmon even showed a jukebox full of double-sided WORM disks.

Cloudy, with a chance of meatballs

As noted, the secondary theme -- not mutually exclusive with SharePoint -- was cloud computing. Priscilla Emery, owner of ECM Scope (and a former Sr. VP at AIIM) observed:

“Cloud approaches to support document management are re-emerging but I was struck by the lack of e-mail management approaches being fully integrated into many of them. From a records management point of view these "solutions" won't hold water and only demonstrate a serious lack of understanding how to support e-discovery and audit applications. “Of course, SharePoint has been the basis for many of these applications and more. And, yet as I look at what CIOs seek as the basis for their enterprises' infrastructure and communication applications, I do see more of them taking a very serious look at Google as the provider of choice in the cloud. I see a serious disconnect in the ECM [Enterprise Content Management] market here and, maybe an opportunity for those ECM vendors adventurous enough to explore it.”

While Google had no booth, it interpreted its view of information management at a well-attended keynote address. Among exhibitors, vendors Alfresco and SpringCM offered cloud-based ECM suites with records management tools.

AIIM – The Organization versus The Show

In the last six months, AIIM has promoted and emphasized its focus on RIM, prominently featuring records issues in its publications and heavily promoting its certificate program for electronic records. Exhibitors at the trade show did not replicate this focus, showing minor interest, at best, in records and information management.

In addressing RIM, AIIM still faces a basic contradiction: AIIM is primarily a vendors’ organization, and vendors make products and tools. RIM is essentially a discipline to be practiced. It uses tools, but it is not defined by them. Further, RIM practitioners are not buyers of software tools, at least not outside a partnership with their IT stakeholders.

If AIIM wants to offer significant value to RIM practitioners, it will have to teach its vendor-members to be problem solvers more than software merchants. Records practitioners need ECM tools and expertise, but that need is likely to go unfulfilled until ECM vendors gain perspective on how their products can be applied to RIM.

Transparency

The state of a program's transparency
Can measure the ease those who care can see
A RIM program's ways
That emerge through the haze
And that challenge all skeptics to dare and see.

Ten Years After: RIM Standards Evolve Slowly

Ten years ago, the tech world was still exhaling in relief and self-congratulations on dodging the Y2K bullet. Leading-edge records managers joined the techies, smiling that their fledgling stock of electronic records were largely intact; disaster recovery tactics went unused.

In this heady environment, a group of RIM luminaries adapted Australia’s DIRKS (Design and Implementation of Recordkeeping System) to worldwide applicability. In 2001, ISO published a records management standard, 15489, that remains an important reference and guide for measuring RIM success today.

Eight years later, ARMA International published its Generally Accepted Recordkeeping Principles (GARP), which owes much to ISO 15489. To call it derivative is not quite accurate. Think of it more as a re-interpretation that reflects the changes, the evolution of RIM over a ten-year period.

That GARP and 15489 have much in common is not surprising. The discipline of Records Management, dating back, at least, to the 4th Century BCE, evolves slowly, befitting its heritage and longevity. Unlike practices based on ephemeral developments, RIM wears technology like a runway model at a fashion show: She shows dress after dress, but the walk never changes. Records’ value is in the content, not the visible format or medium. The best practices of records management evolve with the needs of the records users, and those morph slowly over the years. Records managers rarely say, “Gee whiz!” to mercurial novelty.

(It is possible that the current buzz words -- Cloud Computing, Web 2.0, and others that rapidly multiply the entry-points and touch-points for records -- may accelerate the evolution of RIM, but that is conjecture at this point.)

Ten years offer only a narrow perspective of changes in RIM practices. Nonetheless, there is value in noting the differences between ISO 15489 and GARP. The Delta helps us see how the role of the records management professional has changed.

There is considerable, basic congruence between ARMA’s GARP and ISO’s 15489. Both encourage improvement, not perfection. Every records program, not matter how good or bad, can get better

Six basic areas overlap: Availability, Retention, Disposition, Protection, Compliance, and Integrity. While the wording varies a bit, ARMA and ISO agree on these, basically.

However, the ISO standard lacks GARP’s first two principles. Accountability and Transparency describe RIM’s governance and explicitly stated organization; policies; and strategies. This is analogous to metadata. It is not about the mechanics of keeping records, but, rather, the structure, politics, budget, and administration of organizing and sustaining records’ usefulness within an organization

GARP’s addition of Accountability and Transparency to the canon reflects the different roles records management filled in organizations in 2000 (when 15489 coalesced) and GARP’s natal year, 2009. At the millennium, records management was a disciplined service. It was largely paper-based, and its roots in library science were apparent. By 2009, it was Records & Information Management, a tech hybrid, striving for recognition as a full-fledged profession, parallel to legal and finance.

On the other hand, ISO 15489 offers guidance in two areas that GARP largely ignores.

First, ISO 15489 articulates the use of records management to measure and reduce organization’s risk. GARP, and its derivative Maturity Model, imply that as recordkeeping practices improve, that is, become more mature, the organization will inherently lower its records risk. But it offers no guidance for the kinds of decisions that records managers make regularly, balancing needs and costs to find an acceptable level of risk.

Similarly, ISO 15489 gives considerable attention to the role of records management in organizations’ operations. It requires records management to continually contribute to the improvement of business processes. This tends to cost-justify a records program based on improved efficiency. GARP alludes to improved operations in its Availability principle, but the Maturity Model mentions return-on-investment only at the highest, or Transformational, level. Making the case that implementing GARP makes good economic sense requires inserting a couple of extra steps that borrow from 15489.

In a decade, the discipline of records management “rose from the basement to boardroom”, to quote ARMA workshops. While still a business service, today’s records leaders carry consultative and strategic responsibilities as well. Part of GARP’s raison d’être is to give new “Chief Records Officers” a tool, language, and model easily understood by other management professionals. Intentionally, GARP derives from the financial world’s Generally Accepted Accounting Principles. It is both content and packaging. In 2000, such a need was only a glimmer.

ISO 15489 are complementary – different but without contradiction. Both serve records managers well. In 2010, records programs need to meet internationally-accepted standards more than ever. Simultaneously, records managers can try to make their programs, as GARP puts it, transformational.

The RIM program that subscribes to both GARP and ISO 15489 will 1) be full-featured and 2) function effectively. Aspiring and progressing toward both appears to be a path toward a successful program.

The Limericks of GARP

In honor of today's ARMA Webinar on the first Generally Accepted Recordkeeping Principle (GARP), I offer what may become the first of a series of related limericks:

The principle, accountability
Can bring a RIM program stability
There's no need to carp,
That according to GARP,
It also brings profitability

Feel free to counter with your own verse in the comment section.

"Permanent" Records Storage?

Last night, an esteemed colleague in data security used the phrase "persistent storage". This struck me as a useful description for retention that has otherwise been described as "permanent". The word "persistent" connotes an ongoing nature without definite termination. It seems more appropriate since nothing is truly permanent.

The earliest writings we have are 5,000 year old cuneiforms. That's about half the lifecycle necessary for inventory records of spent fuel rods at our nuclear power plants (and 10,000 years is just the half-life, after which the rods still emit dangerous radiation.)

Call a 10,000 year lifecycle "permanent" storage if you like. For anything shorter, I prefer the word "persistent".

Your thoughts?

An MM that is not candy-coated chocolate, Mickey Mouse, a Detroit Rapper, Maris and Mantle, nor Mauer and Morneau (if you’re a Minnesota Twins Fan)

As noted in these pages, last fall in Orlando, ARMA International announced GARP, its Generally Accepted Recordkeeping Principles. In my October 21 post, “The Disney World According to GARP”, I called it, “a significant contribution to the burgeoning field of information governance.” Further, I noted, “GARP is not a novelty as much as a codification of long-evolving recordkeeping ideals.”

Last week, ARMA released GARP’s companion, a Maturity Model that was still in beta last fall. The MM – although the content is anything but Mickey Mouse -- evaluates RIM programs on a five-point scale:

• Sub-standard
• In development
• Essential
• Proactive
• Transformational
  

Within the Maturity Model’s 40 cells (eight principles x five levels), an organization can objectively evaluate its RIM program, identifying areas that need strengthening and/or risk reduction. No longer need a records manager’s boss describe their program as “pretty good” or worse, “good enough”. With the new MM, a program can be designated, for example, as “60 percent of ideal” or “deficient in two key areas”. And those statements lead to telling questions: “Is that good enough”, “Are we OK with that?” and “Can we live with that level of risk?”

The Maturity Model is a tool, no more/no less. It doesn’t do the evaluation by itself, but it does make a serious evaluation simpler and more accurate.

There are ambiguities to be resolved. Cells contain between two and five statements, and in my first use, I found that a RIM program could stretch over three levels for a single principle. Using the Compliance principle, for example, an organization, simultaneously, could have a Level Two destruction-hold process, a Level Three recognition of “relevant laws and regulations”, and a Level Four training regimen for employees.

Further, RIM programs seldom are monolithic and internally consistent. An organization could have a sophisticated program for managing paper and microforms while its digital records are wildly unmanaged.

These are observations, not criticisms. A creative RIMmer will assign a point value to a particular situation to answer the questions, “Are we good enough? Is our records risk acceptable?”

The GARP MM is a long stride ahead of other evaluators currently available, such as AIIM’s 13-question Records Management Competency Self Assessment Tool and OpenText’s Records Management Scorecard. The MM helps perform a current-state assessment, a prerequisite to a plan for improvement.

To plan an itinerary, one needs to know the starting coordinates. The GARP MM meets that need and points to where a RIM program wants to go.

GARP repackaged best RIM practices in a format that speaks volumes to top management. Similarly, the Maturity Model articulates what every good RIMmer already knows intuitively. Its value lies in quantifying quality and setting benchmarks for top management to accept, reject or authorize improvement.

It would be a mistake to minimize any tool that speaks truth to power. Gaining support from top management is always a critical strategy. When moving a RIM program forward, GARP’s MM offers significant help.

On the Sunny Side of the Street

In the January 19, 2010 issue of Infonomics Weekly, Editory Bryant Duhon asks: "Are We Too Negative?Avoid litigation. Stay out of jail. Avoid costs. OK, these are good goals, but do we focus too much on the negative benefits that the tools in the ECM industry provide at the expense of pointing out how valuable and effective those tools can be at providing real ROI and positive value?"

To which I responded:

"Sure there is plenty of negativity out there…there always is. But the glass is half-full, too. That's why my blog is called 'Positively RIM'. On the plus side, we can say that Records/Content Management allows the defendants to prove their innocence in a court of law. It allows law-abiders to prove their compliance with regulations. It contributes to a greener planet.

"Beyond that, however, records management is an underpinning of our whole society. It delivers laws and case laws. It verifies honest elections. It enables customer service. And it preserves our history. Each year, more than a million Americans file their first claims for Social Security benefits and, behold, their work records from 40 year before are there to verify their labors and just desserts. That's just one of many positive examples.

"So there are plenty of positives to see. Sometimes it means looking at the bottom half of the proverbial glass. And sometimes it means taking a step back to appreciate what we (especially in America) often take for granted."