Intelligent Enterprise featuring Transform
START NEWS & ANALYSIS OPINION CHANNELS PRODUCT GUIDES REVIEWS TECHWEBCASTS
CONTACTS ARCHIVES ADVANCED SEARCH
Rate & Review
Letter to the Editor
E-mail Article
Print Article
May 2003

Your CEO Wants to Know ... Will Your Records Strategy Pass the Test?

by Russell Letson

Continued from [ page 1 ]

As for organizations that already have a records management system, Cogar believes some process engineering and workflow study will point the way to full compliance with the latest regulations. "Once organizations do that analysis," she says, "[they may discover that they need] to do some upgrades or changes to their systems."

Bruce Miller, who works on electronic records strategy and development at IBM, cites Sarbanes-Oxley, SEC record-retention regulations and NASD surveillance rules as the three "sources of pressure" on financial-services organizations. While Sarbanes-Oxley by itself does not, he says, "translate into technology, the other two do, and we're getting pressure from our customers to turn those requirements into technology solutions."

Miller boils down the requirements to six for the SEC rules and five for the NASD (see sidebar, "SEC and NASD Requirements in a Nutshell"). Electronic records management, says Miller, is the common element in all these rule sets. "You must keep what you're obliged to keep, and you must not throw it out until and unless you have permission to do so according to the official rules," he explains. "That's what e-records are all about."

Miller says the mix of off-the-shelf records management technologies includes content or document management and centralized storage; high-speed hierarchical storage management; formal, structured records management; high-capacity, network-attached Write Once Read Many storage; and message capture and email management.

"Be careful not to confuse capture with record keeping," warns Miller. "The Merrill Lynches of the world are [capturing] terabytes per day, [but they tell us] their problem was drinking from a firehose." In other words, they could save all the information specified, but they couldn't find particular pieces of information with the management and search mechanisms they had in place.

Since many organizations don't know what records they have, a natural starting point is taking an inventory to determine what you have, where you have it and what format it's in.

"You need to know what records you have... so you can say specifically what you have been destroying," says Lynette Downing, records and information manager at accounting firm HLB Tautges Redpath of White Bear Lake, MN. "You might have records sitting out on a file server and no one's really controlling it other than IT, who don't always know how to deal with records. They might be deleting something from a hard drive just because the space is filled up. That's selective destruction, and that's very frowned upon. That's what got Arthur Anderson in trouble."

Downing's advice is fundamental: get organized and stay organized. "The best way to defend oneself is to have a structured program — to know what you have and have written policies and procedures," she says. "And I tell our clients that just having written policies and procedures doesn't do diddley either if you don't follow them consistently. Audit your own program... It doesn't matter what size company you have, you should be doing that."

It's Not Just the Law, It's a Good Idea

One of the reasons that the new wave of regulation and oversight isn't an entirely new frontier is that there have been good business reasons for some of these records management practices all along. For example, it just makes sense to know what you have or don't have and to be able to use all your internal documents and records efficiently to solve your business problems. Today's tighter legal requirements simply reinforce sound records management practices.

Accounting firms point to the convergence of regulatory and business-process reasons for implementing records management technology. Practicing what it preaches, HLB Tautges Redpath decided two years ago to implement a Hummingbird document management/records management (DM/RM) solution.

"We made the move that everything that used to be officially paper now is officially electronic," explains Downing. "We don't open paper files for our clients any more. Everything is in the document management system, and we have a very strict review process. There was no mandate that said we needed to do it at that point. We did it because it's a good business practice to have your records organized."

[ BACK | NEXT ]



Channels
Business Process Management
Content Storage
Content Management
Compliance
Enterprise Solutions
Document Scanning & Capture
Content Delivery & Publishing
Collaboration & Knowledge Management
Search and Classification
Locate an article from our print magazine. Just enter your Locator ID Number below.
ID#


NEWS FROM THE PIPELINE

OpenOffice.org 2.0 Closes On Final

New Study Finds Steep Growth For Smartphones

PalmSource Sale Cleared By Federal Agency

CTIA Panel Examines Enterprise Security Risks

[more]





HOME | ARCHIVE | REALWARE AWARDS

A Publication of the Network Computing Enterprise Architecture Group
Brought to you by CMP Media LLC, Copyright © 2005
Privacy Statement | Your California Privacy Rights | Terms Of Service