Weblogs

January 27, 2012

Information Governance and ROI

How do you calculate the Return On Investment (ROI) as it pertains to information governance? On the one hand, this may not even be the right question. As our CTO Bassam Zarkout recently asked members of the Detroit ARMA Chapter, “Would you ask what the ROI is for your fire safety systems? How is risk mitigation associated with your records management program any different?”

Nevertheless, executives often require demonstrable ROI before they sign off on the organizational commitment information governance requires. Many of the key benefits of deploying an information governance platform are intangible:

  • Operational efficiencies from secure, rapid information access, and from automating record lifecycle actions
  • Assured compliance with applicable laws and regulations
  • Improved e-discovery processes

The problem is that applying hard dollar values to these benefits requires that customers clearly understand costs underlying their current state of affairs. Do you have that kind of visibility into your records management processes and the costs associated with those? How much does an e-discovery request cost? What are the administrative costs incurred by manual tasks related to record disposition, migration, or enforcing security and privacy controls?

Some costs are relatively well understood. Let’s take a look at two of them today, and how they might comprise part of the information governance business case.

Storage

I am not a storage expert. If I were to pretend otherwise, this would become immediately evident to those of you who are. But I know enough to marvel at the amazing calisthenics IT Executives and Administrators must perform in order to meet demands imposed upon them by business and legal entities. First, IT must overcome the assumption that storage is cheap. This is partially true, insofar as storage devices are concerned: the cost of this hardware is indeed falling. The cost of administering those devices, however, is not. At the most basic level, consider the environmental costs… machines need space and consume power to operate without melting. On top of those costs, IT executives must hire people to perform periodic backups, transfer archives between storage media, and respond to requests to produce archived information as required by litigation and normal business activities. Business owners and legal teams (who, let’s face it, should know better) demand that IT retain information indefinitely… “Yes, I know we have a retention schedule, but ignore it for now, and keep these records, just in case!” The volume of information is increasing exponentially, and with it, the costs associated with all this stuff (technical term) that must be stored. These demands could be easily met if IT budgets were increasing in lockstep with these demands. This isn't 1997... they aren’t.

And so I marvel at the creativity of the IT Executives I meet. To keep systems healthy and functional, within the constraints imposed by budgets, Service Level Agreements, and regulatory obligations, IT leaders must reshuffle projects and priorities, as they and their teams are asked to do more with less. As economists are wont to say, this is not sustainable. At some point, those deferred projects must begin. That SAP upgrade, CRM Rollout, or mainframe migration isn’t going to wait forever. And at that point, companies who haven't will have to take a second look at storage.

Every IT Executive I have met knows exactly what their storage costs are, mainly because they are constantly having to make the case to increase their annual storage spend. They can easily match those costs with the potential savings incurred simply by adhering to the retention schedule that is already in place. “X Petabytes of information could be disposed today, multiplied by $ dollars per petabyte per year.” Add the rolling future savings of planned disposition activities (dashboards are a wonderful source of this kind of information), and you’ve got yourself a compelling ROI right off the bat. Policy-based storage tier transfers can bring additional savings, as content is migrated from fast, expensive Tier 1 storage to cheaper tiers.

To be sure, most of this is not new. What IS revolutionary, however, is the notion that the storage lifecycle of records (just like privacy and security lifecycles, in addition to the disposition period of the record) should be part of an overall information governance policy, and enforced as such. It won’t be long before IT Executives are going to be very, very interested in Information Governance, as the key means for reducing storage costs. In fact, many already are.

Policy Updates

How long has it been since your retention schedule was refreshed? How did that go?

A significant majority of the customers I talk to tell me that the process of updating the retention schedule is so painful, they put it off for as long as they can. Once every two years is common... I have heard up to 5 years between updates. When they explain to me what they do, I understand why they procrastinate. A typical process could include some or all of the following:

  • Field surveys completed by business owners, legal, and records managers, providing feedback on policy and allowing them to formally register change requests
  • A review of relevant statutes, industry guidelines, and internal standards for records management
  • Redesigned business processes, to account for the manual enforcement activities required by the retention schedule
  • Accounting for acquired entities, who perhaps brought their own retention schedule that must now be incorporated
  • Approvals from legal, risk, compliance, privacy, security, records management, IT, and / or business executives (a group that we would call an Information Governance Steering committee... but hold that thought)

That’s a full time job by itself! Which is exactly the problem… all the people involved in this conversation have “Day Jobs”, as it were… they have higher priorities, and are often (usually? always?) reticent to set those aside and get involved in this process. For this reason, outside consultants are often hired to review and update the retention schedule, usually for significant sums of money.

What if, instead of bringing in consultants to review and update the retention schedule, companies had a collaboration platform used by their Information Governance Steering Committee? (Still holding that thought? We’ve got a webinar coming up that walks through the role of a IG Steering Committee, and how to charter one if you haven’t already.) There are a number of significant and compelling benefits to this approach… but since we’re talking ROI today, let’s focus on the dollar savings. Instead of making wholesale changes to the entire policy every 2 or 3 years, a policy collaboration environment like RSD GLASS Mosaic allows members of the steering committee to continuously and incrementally refine policy as needed. Since Mosaic policies are both human- and machine-readable, socialization and automatic enforcement of the policy changes can begin immediately, regardless of where the information resides.

Policy change need not be the painful, expensive process most companies undertake today. The savings derived from migrating from a monolithic change management process to an incremental one should absolutely be included in an ROI calculation.

Posted by James Amsler at 12:57 PM in English language, Information Governance, Management and Administration, Records Management, ROI, Weblogs | | Comments (1) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , , , , , , , ,

December 21, 2011

2011 in Review – Pop Culture Meets Information Governance

Wow, it’s already the end of December. It’s been an exciting, busy, and fun year at RSD as we continue to work with our customers on addressing their information governance challenges. I know there are going to be dozens of articles on reviewing 2011 and predicting the next big trends, I thought it would be fun to combine 2011 pop culture with trends we will most likely see information governance in 2012. Also included at no charge are ten recommendations for 2012.

Album of the Year: 21 from Adele

“Here's a fire starting in my heart, reaching a fever pitch, it's bringing me out the dark”

Historically, records management was a corporate function buried in the basement or locked away in the dark somewhere in some offsite storage facility. Records mangers were focused on paper records, ensuring records were retained in a reliable and authentic manner and are ultimately disposed of in accordance with a retention schedule. Today, things are much different. Management of corporate information is becoming a topic of discussion at the executive level because of the consequences of information mismanagement  – brand damage, stock price, fines, and revenue. This is precisely why the records management function is beginning to report to general counsel and getting a seat at the table where strategic decisions are being made.

2012 Prediction: I don’t want to be the hundredth person to tell you to get executive buy-in for your records management program. This is going to be a slow process. I suggest starting to create awareness in your organization, starting with your peers (in other functions) and making this part of the department/corporate objectives.

Book of the Year: Unbroken from Laura Hillenbrand

“Though all three men faced the same hardship, their differing perceptions of it appeared to be shaping their fates”

Information management applies to everyone in the organization – regardless role, level, or jurisdiction. One of the top challenges facing companies is determining who owns this problem. Some say it’s legal, others claim IT, and a few maintain the business owns it. This is just one of the reasons why the current process is broken. Organizations must develop an overall governance strategy that includes a closed-loop records management program – from policy creation time through policy enforcement over the decades-long lifecycle of corporate records. These strategies must be also aligned with IT reality and cost constraints with a well-defined set of stakeholders, policies and procedures. The program’s objectives are to advance the corporate compliance agenda, mitigate risks and improve value of information. The tactics of the program consist of applying “legally defensible” governance controls over corporate information throughout its entire lifecycle.

2012 Prediction: IT is going be driving more and more projects to support the information governance program. According to a December Gartner report (G00227336), by 2016, 20% of CIOs in regulated industries will lose their jobs for failing to implement the discipline of information governance successfully.

Movie of the Year: Transformers 3

“You simply fail to understand, that the needs of the many outweigh the needs of the few...”

Information governance policies and objectives cannot and should not be developed in a vacuum. You must get consensus throughout company on policy, then add local stipulations. Policies should also incorporate attributes associated with the business, IT, legal, and compliance:

  • Retention/disposition (i.e. when can we safely delete information)
  • E-discovery (i.e. legal hold, data map)
  • Data privacy (i.e. Personally Identifiable Information)
  • Storage lifecycle (i.e. automatic tier migration)
  • Metadata lifecycle management (i.e. keeping full text index for the life of the record)
  • Laws and regulations (i.e. justification around the policy)

2012 Prediction: Expanding existing policies to include all of these elements will take time; certainly beyond 2012. However, in the near-term (that’s 2012), many more multinational organizations will consider jurisdiction-specific rules and include the business owners in the policy development process. According to a recent Forrester Report; 53% are not satisfied with their records management solution’s support for international requirements.

App of the Year: Words with Friends

“Word building, triple score seeking, chat bubble sending goodness with simple and familiar gameplay you know and love”

SharePoint 2010. Enough said, right? Well, sort of. Take it from me, SharePoint has certainly dominated the market this last couple of years. One of the reasons is because it’s simple to use and integrates well into the Office environment. The big question on the table is the impact SharePoint has on an information governance program. As usual, some companies have addressed this pretty well. If you haven’t, here’s a hint: start with your policies.

2012 Prediction: SharePoint 2010 came along way in terms of records management functionality and you will hear more and more case studies on how (and why) organizations are standardizing on SharePoint.

Final Words

Based on what I am reading and hearing from our customers, 2012 will be an exciting year for information management professionals. Top ten 2011 takeaways and suggestions for 2012:

  1. Why not, boil the ocean at once.
  2. Don’t forget about “Small Data”.
  3. Understand the impact of records management on social media (this blog is a record, so there!)
  4. I personally prefer “reactive” e-Discovery, don’t you?
  5. Use the cloud for everything…and yes, I mean everything.
  6. Job security: everything you do should not be repeatable or defensible.
  7. eDiscovery, records management, information governance are not the same sides of the same coin. I am sorry, that’s just not possible.
  8. Information governance means what you want it to mean.
  9. Explain SharePoint 2010 governance to users. They will appreciate it.
  10. Have fun and to quote the late Steve Jobs, “Think Different”.

Happy Holidays and New Year.

Posted by Tamir Sigal at 07:18 AM in Current Affairs, English language, Information Governance, Records Management, Web/Tech, Weblogs | | Comments (2) | TrackBack (0)

Technorati Tags: , , , , , , , ,

October 26, 2011

Observations from the ACC Annual Meeting

Hello from Denver! We are wrapping up our presence at this year's annual meeting of the Association of Corporate Counsel (ACC). Early season snowflakes are flying, and conference attendees may end up spending a day or so more in Denver than originally planned. No time better than now to post some thoughts on the last three days.

We’ve not sponsored a booth, reception, or water cooler at ACC before. And while I’ve had numerous conversations with inside counsel (Chief Legal Officers, General Counsel, Assistant General Counsel, etc.) over the last year or so, I’ve never had the opportunity to talk to so many of these individuals at one time. I had dozens of interesting conversations with conference attendees, and learned quite a bit in the process.

Lesson 1: e-Discovery is not the issue I thought it was

One of the significant benefits of adopting an information governance solution like RSD GLASS is a significant, even measurable improvement in e-Discovery efficiency. And this makes sense. RSD GLASS provides a single source of search and access to governed records. These records are those most likely to be requested in the event of litigation, and / or those most likely to be scrutinized as a result of a compliance audit. By placing these records under governance ensures that records are managed in accordance with policy and relevant statutes, which likely results in a dramatic decrease inthe sheer volume of content to be searched and evaluated for potential relevancy. Counsel have a single solution for searching, accessing, and placing litigation holds on this content, across all governed repositories. The efficiency comes from not having to repeat the same search and hold process across countless file plans, repositories, and jurisdictions.

I thought this was going to be a compelling message for this audience. By and large, I was mistaken. Most of the attendees I spoke with already had an e-Discovery solution in place, in parallel with existing records management solutions and technologies. Some had spent significant sums of money purchasing and implementing these solutions, and most were still in the process of doing so. But the majority of conversations I had suggested that these folks were pleased with their e-Discovery solution, or, if not, had the expectation that they eventually would be happy with it.

The logical next step in this discussion is how information governance changes the way companies approach e-Discovery.

Lesson 2: "Information Governance" is a relatively empty label for this crowd

I am fond of describing RSD GLASS as an information governance platform. This allows me to expound on our unique approach to information governance, and also calls out the fact that RSD GLASS is more than a simple application or solution. As well it should be, given the complexities of the business and technical challenges it addresses.

Therefore, in answer to the question, “So what does RSD do?” I began by explaining how RSD GLASS solves information governance challenges, including multi-jurisdictional policy development, cross-repository enforcement, and secure information access. I was surprised at how poorly the topic of information governance resonated with inside counsel. In deepening the conversation, I learned that corporate counsel tends not to get inolved in solving information governance challenges. It's not so much that any of these individuals felt that these benefits were unimportant; no attorney is going to say that policy enforcement is unimportant (although many admit that, nevertheless, their company does not abide by its retention schedule). Rather, it is simply a matter of priorities. They told me their primary interest is in securing the tools, assets, resources and information they need to respond to litigation. This focus is singular and narrow, in sharp contrast to the global perspective addressed by information governance.

The good news is that, well, when it comes to helping handle litigation, we have good news for them as well. And this benefit opened a few eyes this week.

Lesson 3: Defensible Disposition is really, really difficult

RSD GLASS is a significant factor in establishing a legally defensible disposition program. Consider the position of corporate counsel who has implemented RSD GLASS. The conversation with the court can go something like this:

Court: “Give us all records related to this litigation.”

Corporate Counsel of an RSD GLASS Customer: “We have some records related to the matter, but not all of them.”

Court: “Why don’t you have everything that has been requested?”

RSDGCC: “Because we have a corporate information governance policy in place. We have enforced this policy on our records, regardless of their potential relevance to this matter. In fact, here are the full audit trails that show what policy was in place at the time these records were declared, and how the policy was enforced not just on these records you requested, but all records. Disposition is not haphazard; we consistently enforce our policy.”

Court: “Well then. Let’s proceed with what we’ve got.”

100% of the corporate counsel I spoke with these first two days of ACC were unable to have this conversation, because their corporate records management policy is either sporadically enforced, or not enforced at all.

100% of the corporate counsel I spoke with these first days of ACC wished they could have this conversation with the court. These people will greatly benefit from an information governance solution like RSD GLASS.

Lesson 4: Corporate Counsel are resourceful people

As we did last week with ARMA, we sponsored a hybrid scavenger hunt / marketing campaign around RSD GLASS. Conference attendees had the opportunity to come by the booth and grab buttons. Each button had a letter on it: G, L, A, or S. The first group of five who could spell GLASS all won iPads. We had no winners on the first day. In fact, given the audience, this was somewhat problematic, as we were accused of rigging the game, and not distributing a required letter. “We are litigators… a class action suit may result here, if you don’t have any winners.”

Yesterday morning, around 11:00 AM, we finally had our winning group. It started with a single individual who had not previously heard of RSD or our iPad giveway promotion, but quickly understood that the point of the exercise was an interactive one. Find others, whether you know them or not, and get them invested in the promotion. She recruited a handful of others, who then traded business cards and contact information. Within an hour or so, this group of strangers spelled out GLASS. iPads for five! They celebrated with much enthusiasm. It was fascinating to watch this group network.

IMG_1463

Congrats to our winners, and thanks everyone for stopping by the booth.

Posted by James Amsler at 10:59 AM in Archiving solution, Buisiness Information Delivery, Enterprise Archiving and Retrieval, Information Governance, Records Management, Weblogs | | Comments (6) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , , , , , , , ,

October 19, 2011

Thoughts from ARMA 2011 Conference – My Three Takeaways

I just returned from the ARMA 2011 conference, held at the Gaylord Resort at the National Harbor in Maryland. I have been to ARMA several times in the past (more times that I would like to admit) and happy to see Gaylord_national_harborARMA is pushing the envelope with the program and content. This is certainly required to keep the records management function relevant in today’s organization.

Going up, 17th floor please

The first time I attended ARMA, most of the attendees were either in the basement or locked away somewhere in some offsite storage facility. Records mangers were focused on paper records, ensuring records were retained in reliable and authentic manner and are ultimately disposed of in accordance with a retention schedule. Today, things are much different:

  • Explosion in electronic content (formats, storage)
  • Defined and stringent eDiscovery requirements
  • Laws and regulations across multiple jurisdictions
  • IT systems (often times with cryptic names)
  • Privacy and security concerns

I am not going to bore you (again) on the consequences of information mismanagement – brand damage, stock price, fines, and revenue. This is precisely why the management of corporate information is becoming a topic of discussion at the executive level. Records management is beginning to report into legal and getting a seat at the table where strategic decisions are being made. I do warn you this trend is a little slow according to the latest Forrester survey, but it is changing. Galina Datskovsky, the president of ARMA suggested inserting yourself into these conversations about better ways of managing information.

Oh no, this blog is a record

It just occurred to me, “managing information” is just so broad and I hate when vendors use this term (oh wait, sorry). The term “information” means different things to different people. For some, this means paper records stored in some warehouse off the NJ Turnpike. For others in marketing, it may be the twitter feed on their products. Very different – for obvious reasons. I recall six years ago at ARMA, the big thing people were talking about was email. This year, ARMA decided to make the Tuesday morning general session around social media and records management. Wow, talking about pushing the envelope. This is from the same organization that not long ago was touting "electronic records were the future of records management."

The session (in the format of a vendor panel), talked about the many steps a company needs to integrate records management program with their social media strategy. The best takeaways from this session include:

  • It all starts with policies – I have been saying this for years. Regardless of the source, format, location of the information, you need to define and validate the policies.
  • Policies include more than retention – Everyone on the panel agreed policies should include data privacy, address metadata concerns, and address security concerns.
  • All jurisdictions are not treated equal – This is a no brainer but should be mentioned. Each geographic region has its own set of laws, regulations, and requirements. This is especially around data privacy.

My favorite part of the session was when one of the panelists claimed their technology can determine if my tweets and blogs are sarcastic. Now, that’s awesome!

So, the second take away from ARMA is more practical advice on how to best govern all corporate records, which is currently outside the records management function. According to statistics, records management only deals with 10%-15% of the information within the organization – file shares, C drives, ERP systems, and social media content (blogs, tweets, etc). No surprise, SharePoint was a big discussion point. But that’s a different topic for another day.

Finally, information governance means something

Information governance is being used more and more –and not only by the vendors. At several customer meetings in our beautiful private suite, I asked the question. Does your company use the term information governance? The resounding answer was “yes”. We have customers leveraging the GARP maturity model to assess their information governance needs across departments and jurisdictions. Barclay Blair was walking around the expo floor asking people how they defined information governance. Can’t wait to see the results.

RSD defines information governance as the means of enforcing the desirable behavior in creating, using, managing, and deleting of all corporate information. Information governance is not search. Information governance is not a mechanism to justify increasing storage costs. Information governance does not mean you need to roll out hundreds of crawlers on your users desktops. Finally, information governance does not mean auto classification (which by the way does require some discussion).

At this year’s ARMA, RSD decided to declare itself as “the official sponsor of information governance”. This is for a reason. In addition to delivering a proven and patent-pending solution to market, RSD’s Bassam Zarkout was the only person at ARMA 2008 talking about information governance before information governance even was discussed by anyone. Now that’s cool.

Final words

Even though I think the show was a little slower this year, the event was excellent. I would like to personally thank ARMA for a great event and for all the attendees who took part in our contest. Who knew, the letter “A” was the most valuable button. RSD gave away five iPads - go Apple stock price. I would also like to thank Bob Williams from the Cohasset Group for organizing the MER Experience. The feedback from this track was extremely positive and I am proud RSD was part of this program.

Comments, questions, concerns?  I would love to hear from you. See you in Chicago.

Posted by Tamir Sigal at 12:18 PM in Current Affairs, English language, Enterprise Archiving and Retrieval, Information Governance, Records Management, Weblogs | | Comments (5) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , ,

May 27, 2011

The MER Rookie

The MER Conference was held in my backyard this past week. Hordes (well, hundreds) of industry experts descended upon Michigan Avenue and generally behaved themselves, much as you’d expect of a group of people with graduate degrees in Library Sciences.

We did not host a booth this year. Rather, we sponsored the MER Podcast Series. A number of my RSD colleagues had previously attended a dozen or MER Conferences, and recommended it enthusiastically. I’m glad they did. I attended a Pre-Conference Tutorial, and as many Case Studies and Panel Discussions as I could manage. Here are a couple of observations from a MER Rookie.

Orthodox Records Management 101

My Pre-Conference Tutorial was the AIIM Electronic Records Management Practitioner Certificate Program, facilitated by former Marine Drill Sergeant and Professional Chocolate Connoisseur Jessie Wilkins. For me, this was a useful and thoroughly welcomed introduction into traditional Records Management principles. It provided a nice foundation for the rest of the week’s sessions, as well as important context for my conversations with customers and prospects steeped in these concepts. This is exactly what I expected from this tutorial, and I was glad to get it.

What I was unprepared for was the extent to which the rest of the conference continued to beat on the same themes. In fact, a template for speaker abstracts might go something like this: “Tried and true RM practices will likely suffice, so long as you account for (insert session topic here).” More specifically, I heard the following specific tenets of orthodox RM in multiple sessions:

  • Define a small number of very general and highly inclusive buckets of records. It’s just too hard to expect people to adhere to complex retention schedules.
  • Manual retention enforcement means RM’s must be diligent about reminding people of the policy, and why they should be adhering to it.
  • Event-driven retention, though useful, is very difficult. Instead, apply a broad time-based retention period that will likely meet your intent, even if that means over-retaining some content.
  • Auto-classification doesn’t work well for unstructured content, regardless of what the vendors say. RM’s will spend more time reclassifying improperly classified content than they would have spent manually classifying it (or asking users to do so) in the first place.

To this MER Rookie, the irony was obvious: on the one hand, stay with the tried-and-true RM approaches. On the other, these approaches don’t address:

  • Accounting for applicable laws, regulations, industry best practices, and internal standards and guidelines.
  • Enforcing jurisdictional variances on these mechanisms.
  • Making content readily and securely available for business users.
  • Applying those policies across a heterogeneous landscape of repositories.

At the risk of channeling Solomon on you, is there nothing new under the sun? In fact, in the few instances where any of these items were mentioned, the speaker or panel did so in the context of how difficult it is to solve these problems. For example, I did hear Julie Gable mention that the future of RM is automatic enforcement of policy… but even here, she left me with the sense that she wistfully regarded this as an ideal future state we may reach some day, shortly after we solve cold fusion and everybody has flying cars.

Records Managers as Salespeople

This theme cut across multiple sessions; there was no single session (that I am aware of) dedicated to this topic. In a nutshell, the takeaway for me was that RM’s need to constantly sell their organization and colleagues on the value of adherence to good RM principles. The difficulty here is that people, including executives, legal, and accounting professionals who should know better, are predisposed to over-retain their records. “Abide by the retention schedule” is not something people want to hear.

In the past, the sales message has been focused on the doom and gloom side. “If we don’t behave ourselves here and consistently apply our retention schedule, bad things will happen.” I sensed widespread agreement that there needs to be a positive side to this message, focusing on improved competitiveness or operational efficiency. I found no information on how to build a business case around this, except for the usual mention of reducing storage costs. In Teresa Drabenstadt’s outstanding session on a RIM Program she helped institute at CUNA Mutual, she cited some impressive storage cost savings as a key benefit. Otherwise, the storage argument seemed unpersuasive to me.

The best friend RM’s have in this process is an enlightened, supportive, and empowered executive sponsor. Indeed, every successful case study mentioned executive support as a key factor. NOBODY, however, had any insight into how to get your executive team on board with an RM / IG program, if the idea wasn’t spawned at the executive level in the first place. Failing this, the best an RM can hope for is incremental improvement in adherence to the retention schedule.

Next Year

I’m absolutely looking forward to returning to MER next year. However, knowing what I know from this year’s conference, I think it may also be beneficial for me as an individual and RSD as a company to assume the role of friendly agitator. MER, and the field of Records Management, needs this. In my informal conversations with fellow attendees, I sensed frustration in the lack of new messages and themes.

As a MER Rookie and RSD employee, I am not disappointed by this. If anything, it is further confirmation of our strategy and positioning of RSD GLASS. After this week, I’m more convinced than ever that our approach is unique and revolutionary. I believe an RSD GLASS customer success story will make for a useful and informative Case Study session.

We are well positioned to lead the conversation away from the shortcomings and pitfalls of traditional Records Management approaches. We’d rather focus on the benefits of a repository agnostic Information Governance platform on which you can define fine-grained, multijurisdictional policies that account for laws and regulations, and automatically enforces these in your file plans.

Posted by James Amsler at 09:39 AM in Archiving solution, Buisiness Information Delivery, English language, Enterprise Archiving and Retrieval, Information Governance, Management and Administration, Records Management, ROI, Weblogs | | Comments (4) | TrackBack (0)

Technorati Tags: , , , , , , , , ,

March 28, 2011

It's Alive! It's Alive!!

(This is the second in a three part discussion on Information Governance. For the first part, see What's So Special About Lebanon, Kansas.)

Sorry for the delay in posting the continuation of our series here. It’s been a crazy time for us at RSD. Since last time, we’ve visited customers in Illinois, Wisconsin, Michigan, Washington DC, and Texas, sharing our vision for Information Governance. Our message is getting a lot of traction among our existing customer base, and also with potential new customers. Oh, and did you read our Peugeot Press Release? You did, right? We promise there will be more to come.

Last time, we hypothesized a retail enterprise, and imagined how they might create and validate one or more standard store templates. The science behind developing these models is well-established and sophisticated, and frankly beyond the ken of regular folks like me. Our retailer accounted for laws, regulations, union rules, architectural demands, and a number of other constraints, and defined a corporate template for how their store should be organized. Their next step, and the topic of this entry, is how they'd begin building stores in accordance with their template(s).


As it turns out, this process closely parallels that which Information Governance Steering committees take in building out a corporate Information Governance model. They:

  • Define a standard policy, including the hierarchy of corporate information, metadata, and fine-grained retention schedules on all the above.
  • Define required jurisdictional variances on the policy, as required by law, internal standards and guideliness, industry best practices, or all the above.
  • Engage required constituencies to validate the policy.

This is fun and wonderful, and may even impress friends and neighbors at cocktail parties. However, it’s also absolutely worthless unless you translate the abstract corporate vision into something tangible and useful.

Making the Model Come Alive

From this point, our hypothetical retailer would take those models and templates, and build stores according to the standards they describe. There may be several such models… perhaps different layouts for small, medium, and large stores… urban settings versus suburban or rural… maybe even variations that account for regional variances in distribution patterns or partners. Living, breathing people would take an empty warehouse, and, in accordance with centrally defined standards, add lighting, shelves, coolers, counters, registers, and other services required by customers as they shop.

At RSD, we are proud of IG policy engine. It’s very intuitive, and provides a means for defining, validating and publishing multi-jurisdictional policies. An important competitive differentiator for us is the ability to take these policies and create jurisdiction-specific (and / or business unit specific) File Plans from them. Imagine…

  • … handing over to Records Managers and business users the information they specifically need, and only the information they specifically need. All content is relevant and actionable.
  • … their reaction to having fine-grained validated retention schedules pre-built into those File Plans, rather than defined and implemented in a separate technology or medium. (And yes, metadata, I am looking at you, too.)
  • … being able to automatically enforce the lifecycle actions that have been defined in those policies.
  • … being able to define and enforce lifecycle actions on record metadata independently from record content.
  • ... enforcing those lifecycle actions automatically. If you are into that sort of thing.

Our RSD GLASS customers are doing all of this today.

In many ways, those responsible for managing File Plans with our Information Governance platform are doing the same work as the workers building stores. They take a corporate vision and make it a reality. In short, they are taking the centrally defined standard, and making it come to life.

Frankenstein

All that’s necessary for our imaginary retailer to start making money is to deliver desired goods and services to consumers. For that, they…

Ah, but I get ahead of myself.

Posted by James Amsler at 09:17 AM in Buisiness Information Delivery, English language, Enterprise Archiving and Retrieval, Information Governance, Records Management, Weblogs | | Comments (6) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , , ,

February 22, 2011

What's So Special About Lebanon, Kansas?

If you are from Lebanon, Kansas (I'm not), you already know the answer to my question. Don't spoil it for everyone else. The rest of you will have to read through this entry to find out. No scrolling please.

I mentioned a week or so ago that I would be posting a three-part series, introducing Information Governance in terms that are familiar to anyone who has ever walked into a retail establishment. This, hopefully, means just about everyone. Welcome, then, to Part One: Define Centrally.

The Ad Hoc Approach

You may remember from last time that my first high school job was in a local pharmacy. Shortly after I was hired, I received a thorough and just scolding from a Regional Vice President for questioning the layout of our store. At the end of his lecture, he asked a rhetorical question, wondering if I’d prefer out customers go shopping in a street bazaar. As obtuse as the question seems in retrospect, it’s worth considering about his analogy a little more deeply.

There are some advantages to the street bazaar approach. First, it works. People have bought goods and services this way for over 4,000 years. Second, it requires very little administrative oversight, except for the informal enforcement of locations between vendors. Transactions between vendors and customers can be conducted in whatever manner and terms are required by the two parties. One transaction may be completed with hard currency. The next... two chickens. What's not to like?

It’s a good thing this works without oversight, because if you wanted to enforce standards on this process (as a regulatory agency might), you wouldn’t be able to. Other disadvantages are obvious:

  • It doesn’t scale beyond the local market.
  • Consumers have a hard time finding what they are looking for, unless they know exactly where it is.
  • It’s inherently un-measurable.

For these and probably a dozen other reasons, no corporate retailer would ever go to market with this kind of strategy.

Or would they?

Historically, many companies have approached Information Governance using an ad-hoc process. We've all heard the horror stories: Policies in a Microsoft Word document, printed, and pinned to the Record Manager’s cubicle. Policies produced by an outside consultant, who left them in a three-ring binder that, invariably, is "around here somewhere".

I submit that companies approaching Information Governance using an ad-hoc approach tacitly accept many of the same risks as a retailer might in selling goods through a street bazaar. It's needlessly complex, and impossibly difficult to measure and audit. Woe unto your poor business and legal users, who have a very tough time finding what they are looking for. Unless they know exactly* where it is.

* - This sort of domain knowledge has historically been an important value-add for Records and Knowledge Managers. Unfortunately, these ad-hoc demands have taken RM’s away from providing real value to their organization: a strategic overhaul of the inefficient and unsustainable process. As a Records Manager recently told me, “I’m too busy doing my day job to do what I was hired to do.”

Customers have told me they had no means for central policy definition. Instead, they let individual jurisdictions and business units define their own policies, and manage their own content as they see fit. This siloed approach is more common than you may think, and usually results in significant complexity, redundancy, and inefficiency.

Ask yourself: does your corporate taxonomy have thousands upon thousands of Record Classes? How many of those are redundant, sharing the same structure, metadata and retention schedules? How did we allow this to happen? (Hold that thought.)

I am pleased to say that most companies we meet with have evolved from a purely ad-hoc process, and have begun to place some structure around their approach to Information Governance. They have identified their exposure to risk. They are defining policies at a corporate level. The most forward-thinking of these companies have established an Information Governance Steering Committee, tasked with defining the vision for their IG Program. These customers are adopting our approach for standardizing the definition, management, and enforcement of information governance policies across their enterprise.

Like a retailer who has built or procured space and begun building their proverbial four walls, companies who have begun this journey already have the boundaries within which they will build out their Information Governance model. They’re ready to move to the next step, and build the infrastructure.

123824744_5f82a2681a_b

Brick by brick, the structure takes place. Photo courtesy of cdharrison via Flickr.

Developing a Standard

As I described last week, retailers spend considerable amounts of resources defining how their stores should be laid out. Multiple considerations factor in this decision, such as:

  • Traffic flow into, within, and out of the location
  • Governmental regulations, such as those defining accessibility guidelines and safe keeping of product and equipment
  • Consumer preferences

Out of these activities, they generate a shockingly large number of rules. Things like:

  • Don’t put food in the same aisle as pet supplies.
  • Milk and other dairy products should go in the back of the store, so people who come in to only buy a gallon of milk will be forced to walk by other merchandise, thereby increasing the odds they’ll buy more than they intended.
  • Conversely, high-revenue eye candy goes in front. Why does Home Depot place riding lawn mowers in the front of their stores? So that they can’t be missed. You came in for light bulbs; you left with a John Deere. And light bulbs.

These rules become the basis for a corporate standard for a retail layout. Once the standard structure is devised, it goes through many approval layers before becoming a standard template for store organization. They may produce several standards… for example, templates for urban, suburban, and rural locations. As feedback comes from remote locations, templates are constantly revised in accordance with changing market conditions.

This was my understanding of how this process worked 20 years ago. I’m told little has changed since, except retailers understand the science better than they did then. I’m happy to hear from experts on this topic, to confirm or correct my understanding.

If you are a frequent visitor here… if you have met with us, and / or attended many of our Information Governance webinars and events… you are already thinking about the parallels in the discipline of Information Governance. Information Governance begins at the corporate level, where companywide standards for information are devised. What is your information? What is the difference between information and a record? Where is it stored? Who can access it? What is the lifecycle that each record class undergoes? Who needs to be involved in the lifecycle stages? What about metadata?

These discussions should include Corporate Records Managers, Compliance Officers, Legal Counsel, representatives from each LOB, and, for companies that have one or more electronic records, IT. Once your policy is defined and validated, it should be published and easily accessible by every company employee with a stake in information.

RSD customers typically begin building out the Information Governance program by defining a corporate standard Master Classification, then applying variances as necessary to the various jurisdictions. This includes:

  • The hierarchy and structure of their Record Classes
  • Retention schedules that define not just retention and disposition, but also privacy actions, storage lifecycle events, and the handling of metadata attached to records
  • Who is involved in defining, validating, and maintaining these processes. Remember that Information Governance Steering committee I mentioned earlier? They’re like iPads. You're going to want one of those, if you don’t already have one*.

* - I don’t, so don’t take this as an informed endorsement.

In the past, companies have had to do this with multiple tools that were not designed specifically for this purpose. The focus of these solutions has historically been at the jurisdiction / business unit level. This is how we ended up with those messy taxonomies of redundant records. Since taxonomies and retention schedules were maintained at granular levels of the organization, local Records Managers defined the hierachies and structures they needed. There was significant overlap across jurisdictions. As these were centralized, many companies created taxonomies composed of thousands of Record Classes, many of which were redundant.

With RSD GLASS Mosaic, customers simplify their taxonomy into a single Master Classification, with centrally-defined variances that link to and account for laws and regulations applicable at each jurisdiction. Customers use Mosaic as the means for recruiting all constituencies in this process… legal, compliance, IT, Lines of Business, and Records Management at the various organizational levels.

Like a retailer who now has gained validation on a corporate standard for mapping out a store plan, including the various subtleties that may apply in different geographies and locales, Mosaic customers are ready for the next step, where they take the standard, and begin applying it…

Ah, but I get ahead of myself. This entry was all about "Define Centrally." They know all about that in Lebanon, Kansas. Geographic center of the contiguous 48 United States.

Lebanon Kansas knows what it means to Define Centrally

 

Posted by James Amsler at 12:48 AM in Buisiness Information Delivery, English language, Information Governance, Management and Administration, Records Management, Weblogs | | Comments (3) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , , , , ,

February 11, 2011

The New Guy's First Lesson in Information Governance

Greetings! While Tamir does an outstanding job keeping the RSD Blog fresh and interesting and relevant, the fact is he has quite a lot on his plate. This week, for example, he’s in Geneva, working with the marketing team there on some new deliverables, and sharing some of what we all learned last week at LegalTech. In addition, he is also preparing for next week’s webinar (you’re dialing in, right?). Busy times for Tamir, and, frankly a fascinating time for all of us at RSD.

By way of introduction, I am a Business Solutions Consultant for RSD, working out of our Chicago office. I’m a relatively new RSD employee. Previously, I spent 14 years in the Knowledge Management, SOA and Data Governance spaces. Mine is a hands-on pre-sales role, working with customers and potential customers to help build an Information Governance foundation. For this reason, much of what I will post here at the RSD Blog will be observations and experiences from real-world projects. It is easy, when discussing a topic as esoteric and overloaded as Information Governance, to think of it in very abstract terms. This is useful, but not sufficient in helping customers develop a strategy for managing their information. It’s my hope that I can generate discussion at a tangible level, passing along practical benefits and challenges my customers experience in their Information Governance maturation. I would very much like to hear from you as I do this. To get started, I will be posting a three-part series describing Information Governance in retail terms. I’ll introduce the idea today, and build it out over the next couple of weeks.

As you know, I am fairly new to RSD… naturally, this is not my first experience as The New Guy. No, that was my junior year in high school, when I was hired by the local Eckerd’s Drug store as a Pharmacy Technician. What a cool first job! While my friends were toiling away down the street at Del Taco and Baskin-Robbins, I got to take prescription slips, call for refill approvals, and even type some of the prescription information into that fancy new computin’ system. And at $3.85 an hour, I was making significantly more money than those aforementioned friends.

About 6 weeks into my employment, we had to stay late one night and give the store a thorough cleaning and restocking. It was explained to me that we were going to be visited the next day by "Ted Anderson"*, a Regional Vice President. Ted’s name was spoken in hushed tones, not unlike Voldemort’s in the Harry Potter books. He was the highest-ranking Eckerd’s executive we would ever see. What’s more, he had a reputation as a bit of a tyrant. My pharmacist told me that he would probably be gone by the time I came in for my shift the next day, but if not, all I should say to him was “Yes, Mr. Anderson.”

* - I have changed Mr. Anderson’s name just slightly because, for all I know, he Googles himself**, or perhaps even reads our blog, and might be a potential customer. I’d rather he NOT remember me for the story I am about to share.

** - Don't we all?

My pharmacist was wrong. Mr. Anderson was still in the store when I arrived the following afternoon. He was walking around the store, making pronouncements, assigning to-do lists. Three of my colleagues were following him, furiously scribbling notes. I stayed out of his way best I could, but he eventually made his way back to the pharmacy. And here I was, The New Guy, stocking shelves, laying low as instructed. I was hoping his time in my domain would be short. It wasn’t.

“Who do we have here?” I looked up from the crate I was unpacking, and it was Ted Anderson.

“Hi, sir. Jim Amsler, new pharmacy tech.” I had already said more than I was allowed. He looked at my name badge. We made polite conversation for a minute or so while my pharmacist watched nervously from behind her counter. Then came this:

“What do you think of the new layout?”

Apparently, shortly before I was hired, Eckerd's had rolled out a new store template. We were one of a half-dozen or so stores piloting the new design. And Ted Anderson was the chief architect behind the change. This was His Thing. Even though I didn’t know this at the time, I still should have punted the question, and made vague approving statements. Silly me. I didn’t.

“You know, I have actually been wondering about this. I don’t understand some parts of it. Like this End Cap here… it’s all Halloween Candy. It’s at the end of an aisle of dental products. That doesn’t make any sense to me.

My three colleagues all looked down at their shoelaces.

“Really, Mr. Amsler? What would you put here instead?”

Good question. I hadn’t thought about it. I made up something off the top of my head… I’m sure it was gibberish. It didn’t matter. There was no correct answer to this question. Ted Anderson patiently waited for me to finish whatever it was I was saying, maintaining unflinching eye contact. He then shredded me, preaching for 10 minutes on the fundamentals and process of store design. To this day, I remember his exact words when he was done: “Would you rather our customers walked into our store only to find a street bazaar?”

I remember this because I wasn't sure what a street bazaar was.

3149585212_12dd0e5121_b

To be fair, this retail model has worked for thousands of years... Photo courtesy of Ed Yourdon via Flickr.

Not to get all The Wonder Years on you, but… I learned a lot that day. Among other things, I learned:

  • Store Design is a science.
  • The process starts at the top levels of a retail organization.
  • Significant time and sums of money are spent on determining optimal store layout(s).
  • Once a model is approved at corporate, it then gets deployed to local stores.
  • This process is meticulously documented.
  • Customers expect each store to look like every other. Exceptions must be perfectly obvious and understandable.
  • Store Management can participate in this process through formal communication channels.
  • New Pharmacy Techs should keep their mouths closed when talking to an RVP.

As to the Information Governance space, first think about...

Ah, but I get ahead of myself.

Posted by James Amsler at 08:57 AM in Buisiness Information Delivery, English language, Information Governance, Management and Administration, Science, Weblogs | | Comments (3) | TrackBack (0)

Technorati Tags: , , , , , , , , ,

November 10, 2010

Lights Off – Thoughts and Observations from ARMA 2010

I just got back from attending ARMA 2010 in San Francisco. I have been to hundreds of conferences before including past ARMA events and have to say this was one of the most exciting events in recent years. This year, RSD was a silver sponsor and created a huge buzz on the tradeshow floor for a number of reasons.

Matchmaker, Matchmake, Make me a Match

First, RSD would like to thank all the supporters of the button-matching campaign. This was the most talked about contest on a tradeshow floor that I have ever seen.. The objective of the contest was for people to find a matching RSD button which had the same text and color. Everyone was walking around the conference, networking events, chapter parties, expo floor, and even in bars/restaurants looking for their match. People sent tweets and posted notes on the ARMA message board. This created a whole new networking opportunity for attendees. All the attendees seemed to have fun with this contest. At 4:30, we had close to 300 people at the RSD booth. We know people were let down when the matching buttons weren’t found and RSD certainly shares that disappointment. Due to the high demand, we ran out of buttons so we also ended up raffling off an iPad. If you think this year’s contest was a hit, wait until next year.

Records Managers are Acknowledging Information Governance

The RSD button contest wasn’t the only thing people were talking about at ARMA 2010. As predicted, information governance was the theme this year – from the preconference session on Sharepoint governance to the technology spotlight in the opening session, other various sessions, and the expo hall. Many people in the records management industry understand the challenge companies are facing today. They know they need to have better controls in place for not only managing the retention schedule but also enforcing it across the complex IT infrastructure. At this year’s conference, people were talking at a higher level and expanding their scope on information management. 

I attended the Technology in the Spotlight and was disappointed since the keynote vendor panel was nothing but a plugfest.

  • Automation – Vendor panel discussed importance of automation. This is not new.
  • eDiscovery – The costs are really high. This is not new.
  • Social media – This was the only interesting topic. The concern of social media can be compared with what happened to email about 5-6 years ago. Companies need to get a better handle on the impact of social media in the enterprise. The best line of the session “'cloudy with a chance of governance”

Without a doubt, Apple’s iPad and Microsoft’s SharePoint got best placement. 

Some Records Managers Still Don’t Get Information Governance

A woman was looking at the RSD signs and came into our booth. We had the following conversation:

Attendee: Hi, I am looking for a records management solution and not for information governance.

Tamir: How do you define the difference between information governance and records management?

Attendee: I am not sure.

Tamir: Records management primarily deals with the management of the retention/disposition of corporate records where information governance includes other facets of the information lifecycle such as laws/regulations, multiple jurisdictions, metadata, storage lifecycle, and data privacy rules.

Attendee: I am not sure if this applies to my role.

Tamir: How do you currently enforce your retention schedule?

Attendee: We really don’t need to do that right now.

Tamir: Isn’t that a concern for you?

Attendee: I am only interested in managing my records.

This is a concern simply because as you heard during the opening session, it’s imperative for records managers to deliver more value to an organization. Don't worry, we are getting there and will be making the information governance journey together.

RSD Announces RSD GLASS 2.0

RSD GLASS enables companies to better manage corporate risk and improve operational efficiency as they work to achieve compliance with regulations and laws governing enterprise information and records management. During the conference, we announced RSD GLASS 2.0 which is the first in the industry to demonstrate technological breakthroughs for enabling organizations to seamlessly go from policy to control to enforcement. We had a few people stop by our booth to validate if the PSS repacement announcement was true. It is true. We showed the ability to centrally manage policies, manage and enforce all lifecycle actions across all repositories -- Open Text, IBM, Oracle, and HP. 

That's information governance. Seeing was believing.

Posted by Tamir Sigal at 11:48 AM in Current Affairs, English language, Information Governance, Records Management, Weblogs | | Comments (1) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , , , , , , , , , ,

November 02, 2010

Preview of ARMA 2010

In the next couple of days, I will be heading out west to San Francisco for the ARMA International conference. I have been to ARMA before and certainly looking forward to catching up with old friends and meeting new ones. I will also be curious to see how many records management vendors will be “repositioning” their products as an information governance solution.

Information governance is becoming a top priority for many c-level officers since it helps companies better manage risk and increase the value/use of corporate information. IBM’s acquisition of PSS Systems and the recent press release from RSD has created a buzz in Twitterland. InformationGovernanceCompass  
I received about 100 emails with several meetings just from this press release – confirming the urgency of a true end-to-end information governance solution.

Information governance can be broken down in the following four categories:

  • Policy management – Information governance begins with a policy. Included in the policy is retention/disposition, rules and regulations, data privacy attributes, storage lifecycle management, and lifecycle of the metadata. The policy is then validated by all stakeholders.
  • Lifecycle management – The idea here is to enable records managers and business managers to manage the lifecycle actions as defined in the policy. These actions must be controlled and audited (independent of the repository).
  • Enforcement – The scheduled lifecycle actions must then be physically enforced in the repository infrastructure. This includes structured and unstructured repositories.
  • Role-based access – Finally, the business needs to have high-speed secure access to information regardless the format or how it’s stored.     

An end-to-end information governance solution enables organizations to seamlessly go from central policy to control/administration to enforcement. I will be curious to see how IBM, Autonomy, EMC, HP, and others address the information governance challenge.

This year, RSD is proud to be a silver sponsor along with IBM and HP. Please see us at booth #918 as we are looking forward to talking about your information governance challenges and showing you why RSD GLASS is the most comprehensive information governance solution on the market. 

After all – seeing is believing.

Posted by Tamir Sigal at 12:21 PM in English language, Information Governance, Records Management, Web/Tech, Weblogs | | Comments (14) | TrackBack (0)

Technorati Tags: , , , , , , , , , , , , , , , , , , , , , , , ,

Next »

Categories

Twitter Updates

    follow me on Twitter