M12S10 - Navigating Change: ARM your GPS (The Principles) into Drive Successful Information Governance


Published on

From the MER Conference 2012

Speakers: Galina Datskovsky, Ph.D. Robert Williams Marcia Zweerink, Ph.D.

"If you don't know where you're going, you'll wind up somewhere else."

Yogi Berra

Historically, the core paradigm of records management was materials management. Today, the core paradigm is information governance (IG) and risk mitigation. Successful IG identifies ERM hazards, and guides organizations on the safest ERM journey.

But how do we plot the safest IG course when the nature of the risk keeps changing? How do we know we won't 'wind up somewhere else' as we struggle to address a kaleidoscope of evolving ERM hazards, including:

- Exponential growth: The volume of new records grows every year and already far exceeds manual records management capability. And the pile of existing unmanaged records is almost beyond comprehension. For many organizations, the sheer size of the pile has become a significant risk -- and a very challenging problem.
- Ever-changing technology: The rapid evolution of software, hardware, mobile devices, social networking, and cloud computing is changing the very nature of records. The trend is further fragmenting control of the records -- and increasing the challenge of implementing records life cycle controls.
- Ever-increasing regulation and litigation: Not only do evolving regulations add to the explicit requirements for managing records, but the courts are also increasing expectations that organizations show 'good faith' in managing electronically stored information (ESI). How do you know you have the management evidence to demonstrate 'good faith'?
- C-Level scrutiny: Executives at the highest levels are more aware than ever that information governance is key to the reputation, efficiency and compliance of the organization. They want IG, but may not fully understand what that means. Do they really understand what success looks like?

If Yogi's car had a GPS, he might have had an easier time, provided he used it correctly. Now, you do have a RIM-focused GPS for your IG journey - GARP® and the associated assessment tool - to assist you in understanding where you are, and monitoring your progress toward your destination.

You also have the needed "wheels" - Assured Records Management (ARM) - to help plan which route to take, drive progress toward your destination, and document the 'tracks' you took to get there.

Published in: Education
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

M12S10 - Navigating Change: ARM your GPS (The Principles) into Drive Successful Information Governance

  1. 1. Cohasset Associates, Inc. NOTES Session 10 Navigating Change: ARM your GPS (GARP®) to Drive Successful Information Governance Tuesday, May 08, 2012 9:00 am B Like a GPS, ARMA’s GARP® Principles provide a standard measurement of where you are. Cohasset’s Assured Records Management (ARM) helps you plot g ( ) p y p your course and provides the wheels to move you forward. "If you dont know where youre going, youll wind up somewhere else." Yogi Berra 2 B Goals Explore how GARP and ARM can be used to navigate change and drive successful Information Governance Ensure the all important management evidence that proves Good Faith Effort on your journey 3 B 10.12012 Managing Electronic Records Conference
  2. 2. Cohasset Associates, Inc. NOTES Our Road Trip A quick look at GARP and ARM Our Mileposts Why do we need to navigate change? How can ARM help us drive? p How do we use the GARP GPS? What does successful course look like? How do we start this Journey? Throughout, we will consider YOUR leadership opportunities 4 G What is GARP®? Generally Accepted Recordkeeping Principles In order to achieve recognition at the regulator, business and associate level, ARMA International h d i l has developed Generally Accepted l d ll d Recordkeeping Principles (GARP) so as to allow organizations to adhere to and measure objective records and information governance standards MER May 18, 2010 5 G GARP® http://www.arma.org/garp Principles GARP® Accountability Maturity Color Transparency Level Status Integrity 5 GREEN Protection 4 BLUE Compliance 3 AMBER Availability 2 ORANGE Retention Disposition 1 RED 6 G 10.22012 Managing Electronic Records Conference
  3. 3. Cohasset Associates, Inc. NOTES What is Assured Records 7 Management? Assured Records Management (ARM) is an evolving methodology designed to help organizations establish and sustain Information Governance that results in Applying appropriate performance standards Aligning with business priorities and culture To ‘Get it right where it matters most’ and provide credible evidence of good faith. 7 M The ARM Approach Using models and techniques Aligned with Business Priorities that simplify Business drivers, culture, and strategy concepts and Risk-based continuous improvement promote buy-in t b i in Clear information governance processes Good Faith ARM Performance Standards Effort Organizational commitment And the evidence to prove it Lifecycle control of records and systems 8 M Milestone 1 9 M 10.32012 Managing Electronic Records Conference
  4. 4. Cohasset Associates, Inc. NOTES Today, the Core Paradigm is CHANGE Historically, the core paradigm of records management was materials management. We relied on a very structured set of standards and best practices Today, the core paradigm is information governance (IG) and risk mitigation. Governance is a process that accommodates change Successful IG identifies ERM hazards, and guides organizations on the safest ERM journey 10 B Why Information Governance? Because the RM landscape is rapidly evolving Users Business IT Case Law 1. Sheer volume 2. Changing technology 3. Legal landscape 4. Business changes, C-Scrutiny M Change Number 1 IG Includes EVERYTHING Hold for litigation orHold Legal regulatory matters CONTENT PROFILE 300 Retain Official Records as evidence of 250 business activities 200 150 100 Dispose of records when no longer 50 0 ? needed Official Records: Retain as evidence for the full retention period Ancillary Records: Dispose at any time, and as soon as possible Legal Hold: Suspend deletion as required by Legal 12 M 10.42012 Managing Electronic Records Conference
  5. 5. Cohasset Associates, Inc. NOTES Changes in Technology Cloud computing Who is responsible for Social media the information asset? Mobile devices What is the Official Security and privacy Record? Data proliferation and How do we collect and growth preserve information? Securing information assets based on their class Management and disposition of information 13 G Legal Landscape Evolution of the ‘Trusted Environment’ Record was managed User stewardship independent of the user IT stewardship P f i l t d hi Professional stewardship N New t h l i technologies Established policies and New legal perspectives procedures New testability practices Derived from checks and Importance of good faith balances in Finance and reasonableness 14 B C-Level Scrutiny Remember when we used to complain that senior management didn’t pay any attention? Well, those days are over The C Suite responds to Information C-Suite Governance Beware the rude gaze of management 15 G, M 10.52012 Managing Electronic Records Conference
  6. 6. Cohasset Associates, Inc. NOTES What Does the C-suite expect? “Understand our business” “Do something to help us succeed” Cost, efficiency, reputation, risk “Be specific” Be specific Does the C-suite understand ERM? Not so much Remember, the higher you go, the shorter the attention span 16 Milestone 2 17 G What is Information Governance? Governance covers all information in all formats Gartner defines Information Governance (IG) as the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving, and deletion of information Remember: the purpose of governance is to help you meet your business goals! What Does Success Look Like? How do you know if you’ve achieved it? 18 M 10.62012 Managing Electronic Records Conference
  7. 7. Cohasset Associates, Inc. NOTES The Essential Elements of Governance Formal grants of authority Who gets to decide? “Laws” - Rules of the Road Rules make everyone safer Continuous improvement and oversight Specific goals and metrics What corrective actions are needed? Processes for change How do you change rules or grant of authority? 19 M Governance Challenges Resistance – we don’t do this for anything else! Organizational alignment Culture Governance models, processes, and roles ,p , Gaining buy-in and support Management, IT, user Training, communication, and awareness Governance support resources Commitment to continuous improvement 20 M Align Governance with Business Culture Rule-followers Wandering Cats Process workers Knowledge workers Conservative technology Must use the ‘latest thing’ Command and control Consensus 21 M, G 10.72012 Managing Electronic Records Conference
  8. 8. Cohasset Associates, Inc. NOTES What Does Success Look Like? YOU CAN’T DO EVERYTHING! No organization puts an equal emphasis on everything at once Governance knowing what you are trying to achieve and mapping a reasonable path to get there while balancing: Benefit Cost Risk Timing Feasibility ….. 22 M Consider the C-Level’s ‘Baby’ LOW HIGH Regulation Litigation Privacy Cost Control Intellectual Property Outsourcing 23 M, G Milestone 3 24 M 10.82012 Managing Electronic Records Conference
  9. 9. Cohasset Associates, Inc. NOTES Plotting the Course: Commit to an Ongoing Process Risk/ Value Assessment and WDSLL! Improvement Goals PLAN Management Execute Review and ACT DO Improvement Action Plan CHECK Measure and Report Results 25 G, M Using Your GPS 26 G GARP® Assessment The GARP® Assessment is an evaluation of more than 100 attributes of information governance an organization can deploy to determine how it measures up against the GARP® Principles. The Assessment is organized by each GARP® Principle to help determine the organization’s individual principle scores, leading to an overall GARP® Assessment Score. 27 G 10.92012 Managing Electronic Records Conference
  10. 10. Cohasset Associates, Inc. NOTES GARP® Assessment Measurable Outcomes Quantify Program Needs Prove Qualitative ROI Benchmark Progress Results Provides benchmarks Directs to resources Historical comparisons Experience to Date… G, M Milestone 4 29 G 30 G 10.102012 Managing Electronic Records Conference
  11. 11. Cohasset Associates, Inc. NOTES What Does Success Look Like? Improving Governance processes? If so – How? Roles? Awareness? Accountability? Cleaning up unneeded data? If so- What data? Where? How much? When? Improving management of Official Records? If so- Which records? How well do they need to be managed? 31 M Target the Right Level of Information Life Cycle Control Lifecycle control requirements vary Ancillary Records : higher volume, but generally less control Official Records: some require very tight lifecycle controls Higher Volume Ancillary Records Official Records Routine Collaboration Regulated Records Greater Lifecycle Control 32 M, G ARM Maturity Levels Simplify Concepts for Business Folks GARP® Maturity ARM Maturity Description Absolutely nailed down by 5 GREEN 4 Assured technology 4 BLUE Pretty good; some 3 Reasonable 3 AMBER technology control Some manual/ process 2 ORANGE 2 Manual control 1 RED 1 Ad hoc Absent (or individual) 33 M, G 10.112012 Managing Electronic Records Conference
  12. 12. Cohasset Associates, Inc. NOTES ARM Standards ARM Records Life Cycle Elements Maturity Create Retain Store Access Readability Dispose Digital g SEC IRS Digital Assured Image FDA DOD WORM Copy Copies Time/ IRS Film Reasonable UPA SEC UPA Anderson Speed Copy IRS Paper Manual INS Copy Ad Hoc 34 B Align With Your Business Priorities Consider Sources Standards Regulations Best Practices Elements of life cycle Maturity level for your organization Reflected in your policies and procedures These are YOUR operating standards 35 B Management Evidence Policies - WHAT Procedures – HOW Inspections/Audits – WHO/WHEN/WHERE Continuous process improvement Management Evidence Good faith Reasonability 36 10.122012 Managing Electronic Records Conference
  13. 13. Cohasset Associates, Inc. NOTES Milestone 5 37 G Get Started and KEEP GOING Identify stakeholders Align with culture Keep It Simple! Establish governance process Identify business priorities / strategy Identify Id if near term and long term goals dl l BE SPECIFIC Low hanging fruit makes a BE MEASURABLE refreshing salad! DO WHAT MATTERS Define ROI/ specific benefits, gain buy-in and funding Measure and report Then do it again! 38 G, M Start Simply to Target Areas for Improvement 1 = Ad hoc 2 = Manual 3 = Reasonable Business Types of Records 4 = Assured Value / Risk Current Desired Gap Control Control Product Testing Records 1 4 3 H Finance Records 3 4 1 H Accounting Records 3 4 1 H Manufacturing Records 1 4 3 H Design Idea Records 1 3 2 H Software Development Records 1 3 2 M Employee Records 2 3 1 M Toddler Focus Group Records 3 3 0 M Real Estate Records 2 2 0 L 39 M, G 10.132012 Managing Electronic Records Conference
  14. 14. Cohasset Associates, Inc. NOTES Drill Down to Identify Actions 40 G Leadership is a Team Sport You don’t have to figure this out yourself Take advantage of ARMA and GARP Consult with experienced practitioners (e.g., Cohasset and ARM) Take d T k advantage of MER networking to talk to your f ki lk colleagues Ask what has worked and what doesn’t Gather good ideas Exchange business cards Assemble your internal team Keep your friends close and Who else wins your enemies closer. Who’s buy in do you need Michael Corleone 41 M, G “One’s destination is never a place, but a p new way of seeing things.” Henry Miller 42 B 10.142012 Managing Electronic Records Conference
  15. 15. Cohasset Associates, Inc. NOTES Questions? 43 10.152012 Managing Electronic Records Conference