20 October 2011

The Lost Limerick of GARP

Followers of this Blog may have noticed that, while there are eight Generally Accepted Recordkeeping Principles (GARP), there were only seven Limericks of GARP. The limerick on Compliance was lost to the sands of time (or at least to 2010). However, inspired by this week's ARMA International conference, I humbly submit a middling effort to complete the series:

The two principles of compliance
Are easier than rocket science
Regs are observed
And policies served
Without compromise or defiance

Note: I claim copyright to my Limericks of GARP and hope to collect them for your pleasure of frustration in the future.

As always, thanks for reading. Writing loses much of its value without readers!

06 October 2011

RIM in the Cloud -- segmented

Gentle Readers:

Some of you have seen my article in the current Baseline Magazine called Challenges to Governing Remote Information. If not, I hope you will go to the above link if this subject interests you.

Baseline holds the copyright on this article, so even as author, I cannot reproduce it here. However, while Baseline printed the kernel of the article, the editors omitted significant introductory and concluding material. This is posted, below. I hope you enjoy and benefit from it, and I invite your comments and responses.

Thank you. Writing can be an exercise in futility without readers.

Gordy

The Riddle of Cloud Records Management
or
Nine Challenges to Governing Remote Information

By Gordon E.J. Hoke, Certified Records Manager

The discipline of Records Management is an answer to the riddle: “What is always changing but ever the same?” Pottery shards of tax records go back to 2,500 BCE, yet tax law is still evolving. Ancient Samaria’s need to manage tax records confronts us today.

In 2011, remote storage of digital information, part of the Cloud, grows in volume and frequency. The Cloud is more than evolutionary; it is qualitatively different from the media of 10 years ago. Compared to tapes, disks, chips and other data storage options, the Cloud offers users both enhanced benefits and greater risks. It is not a panacea, but it is a powerful tool for information governance.

The media, style, and methods of capturing, using, preserving, and disposing of records is always changing. The Cloud is the latest iteration. The principles of Records and Information Management (RIM), however, are always the same. That essence has not changed in at least 4,500 years. The way we meet those exigencies is as new as tomorrow.

Records Management offers reduced risk to organizations sending valuable data to the Cloud. In recent years, some organizations sent data first, and then asked records analysts to manage the information. This inverted sequence produced problems. Even when well planned, records management in The Cloud is a serious challenge.

Nonetheless, there are compelling economic reasons for using the Cloud:

1. It is scalable in size and elastic in its capacity. For organizations with varying (perhaps seasonal) needs, this eliminates periodically unused bandwidth.
2. Hosts may serve multiple users, providing economies of scale that are, at least in theory, passed on to the users
3. The resources are delivered as a service. There are no hardware, software, or development costs. Charges are operational expenses, not capital outlay
4. Information travels via the Internet or other wide-area network, so accessibility should be possible from almost anywhere.
5. Costs are keyed to usage, so the user never pays for excess capacity


New Wine in Old Vessels


The precepts of records management evolve at a glacial pace. The latest attempt to define these age-old concepts comes from ARMA International’s Generally Accepted Recordkeeping Principles, or GARP®. GARP applies millennia of learning through a universal system, appropriate for the Cloud as well as ancient scrolls. The principles are not new, but this particular codification is. These principles, which are described in depth at www.arma.org/garp, are:

1. Retention
2. Disposition
3. Accountability
4. Transparency
5. Integrity, including metadata
6. Protection
7. Compliance/participation
8. Availability, including e-discovery

These principles apply to records management, regardless of time, place, or medium. For example, consider Integrity. This principle assures users that records are what they say they are: authentic, original documents that have not been altered. With digital documents, we rely on metadata to show, among other identifiers, the date of a document’s creation and use, or that only approved people have looked at the document. Hundreds of years ago, records managers added physical metadata to documents, such as a wax seal, to ensure a record’s integrity. Despite the differences, the principle is the same.

GARP addresses the ancient Library at Alexandra (4th Century BCE), the Magna Carta (1215 CE), and the Cloud.

[Insert Baseline article -- http://www.baselinemag.com/c/a/IT-Management/Challenges-to-Governing-Remote-Information-709978/]

Moving Forward While Staying the Same


Dilemmas about how to manage records in new media, including the Cloud, are real, and they must be addressed and resolved. The issues need policies and procedures in service of the records’ value which, as always, remains in the content: the data and metadata.

Practicing GARP becomes a framework for risk reduction. It allows organizations to ask the question, “How can we use best practices while taking advantage of the Cloud? How can we enjoy the benefits while minimizing the risks?”

In the not-too-distant future, the obstacles to RIM in the Cloud will diminish. The concept will mature and improve. Cloud providers will incorporate GARP in their offerings. As that happens, new technologies will appear, and records managers will apply GARP there as well. It is ever the same and ever new.

 30