Seven keys to effective information and compliance strategies.In the wake of recent, well-publicized failures in information disclosure, organizations are now reconsidering the importance of effective information management. The court rulings and regulations directly resulting from these failures have created additional liability for organizations, exposing many records retention and compliance programs as insufficient. In Information Nation: Seven Keys to Information Management Compliance, Randolph A. Kahn, Esq., and Barclay T. Blair have crafted an informative, practical guide to help information professionals address these concerns. Part 1, "Laying Down the Foundations of Information Management Compliance," begins by examining key terms. Numerous definitions of "records" and "records management" are cited, demonstrating variances in how these terms are perceived by different groups of information professionals and how these perceptions have changed with advances in technology. While portions of these initial chapters may only serve as a review for many practitioners, the legal cases reviewed emphasize the importance of understanding how the courts have recently interpreted these terms. The first chapter, "Why Information Management Matters" examines the effect technology has had in promoting increased distribution and use of information, further complicating com·pli·cate tr. & intr.v. com·pli·cat·ed, com·pli·cat·ing, com·pli·cates 1. To make or become complex or perplexing. 2. To twist or become twisted together. adj. 1. the ability to track and manage this resource. This growth coincides with the increasingly significant, strategic role that information management plays in all facets of business operations Business operations are those activities involved in the running of a business for the purpose of producing value for the stakeholders. Compare business processes. The outcome of business operations is the harvesting of value from assets . The authors effectively explain how the responsibility of managing this resource requires the cooperation and support of all information professionals within an organization. The role of records management, as a vital component of information management, is also closely examined, with emphasis on compliance. The challenge of managing "trustworthy" electronic records is given particular scrutiny as the authors cite court cases in which this form of evidence has been excluded. Despite these examples, the authors contend that laws are generally technology neutral and provide a list of important considerations for maintaining reliable, authentic electronic records. Chapter 5 discusses the complications that evolving technologies present in regard to how information assets are managed. As the dissemination dissemination Medtalk The spread of a pernicious process–eg, CA, acute infection Oncology Metastasis, see there of information throughout an organization becomes more fluid, so does the need for all information professionals to have an understanding of their role in information management compliance (IMC (Internet Mail Consortium, Santa Cruz, CA, www.imc.org) An industry trade association founded in 1996 by Paul Hoffman and Dave Crocker that promotes Internet e-mail standards and features. ). The problems associated with adopting technologies that outpace out·pace tr.v. out·paced, out·pac·ing, out·pac·es To surpass or outdo (another), as in speed, growth, or performance. outpace Verb [-pacing, information management practices and those designed without consideration for compliance are discussed. These problems, which factor into many of the case studies examined, cannot be overemphasized and receive much attention throughout the book. Perspectives from the U.S. Sentencing Commission The U.S. Sentencing Commission is the agency responsible for the establishment of sentencing policies and procedures for the federal court system. The first task of the commission was to develop a uniform set of sentencing guidelines for the federal courts. are also provided in discussion of the U.S. Federal Sentencing Guidelines The Federal Sentencing Guidelines are rules that set out a uniform sentencing policy for convicted defendants in the United States federal court system. The Guidelines are the product of the United States Sentencing Commission and are part of an overall federal sentencing reform , which the authors consider central to the structuring of the IMC program they present. The final chapter of Part 1 takes a closer look at the Sarbanes-Oxley Act See SOX. and the changes in internal controls that have been recently mandated for governing financial documentation. While portions of this act only affect public corporations and accountants, the authors pointedly focus on specific sections and wording that can be applied universally. Helpful guidelines for creating "records hold" mechanisms are provided in direct response to the sections of this act that are examined. In Part 2, the authors discuss the seven keys to an effective compliance program. Sample policy statements and guidelines are presented, all of which effectively address the issues discussed in the preceeding chapters. The first key the authors examine is the importance of clear, concise policies and procedures Policies and Procedures are a set of documents that describe an organization's policies for operation and the procedures necessary to fulfill the policies. They are often initiated because of some external requirement, such as environmental compliance or other governmental that contain mechanisms to ensure consistent enforcement. The authors provide thoughtful advice for writing policies that will remain current as technologies change, suggesting that technology-dependent content only be used at the procedural level. The challenges presented by a distributed workforce, obtaining information from a variety of access points, are also examined. The second important key is executive-level support. Vocal support and funding must come from the highest level, and the authors once again rely on court cases to exemplify ex·em·pli·fy tr.v. ex·em·pli·fied, ex·em·pli·fy·ing, ex·em·pli·fies 1. a. To illustrate by example: exemplify an argument. b. instances in which chief executives have been held accountable for lapses in compliance programs. Key 3 explains the importance of all personnel understanding the role they play in IMC and the effective delegation of authority The action by which a commander assigns part of his or her authority commensurate with the assigned task to a subordinate commander. While ultimate responsibility cannot be relinquished, delegation of authority carries with it the imposition of a measure of responsibility. to those individuals. Collaboration between departments, specifically IT, legal, and records management, is re-emphasized. Although chapter 14 provides an informative model of information management organizational structure  This article has no lead section.To comply with Wikipedia's lead section guidelines, one should be written. , it may be a bit overwhelming for smaller organizations that lack the resources or personnel to support the various components that are suggested. Key 4 focuses on the importance of communication and training. The authors emphasize that success depends on employees at all levels receiving proper training and instruction relevant to their responsibilities within the organization. Instructor-led training and outside experts are recommended over mass memos or self-guided tutorials for issues of higher importance. Key 5 discusses the importance of audits and continual monitoring of a compliance program. These activities not only convey a level of importance to the employee but also demonstrate a level of commitment to the courts, regulatory agencies regulatory agency Independent government commission charged by the legislature with setting and enforcing standards for specific industries in the private sector. The concept was invented by the U.S. , customers, and the public, thereby promoting trust in the organization. Key 6, "Effective and Consistent Program Enforcement," is a component found lacking in many of the case studies examined throughout the book. This section adds helpful policy statements and a discussion of the important role IT departments play in creating automatic enforcement through the use of passwords and network monitoring The term network monitoring describes the use of a system that constantly monitors a computer network for slow or failing systems and that notifies the network administrator in case of outages via email, pager or other alarms. . Key 7, "Continuous Program Improvement," is partially an overview of themes brought up throughout the book with a closer look at some issues that are certain to change or become more prominent in the future. After a brief conclusion, notes, and index, the book provides a short but detailed directory of industry resources. Information Nation, through the use of straightforward, concise chapters, provides a surprising amount of information and advice for minimizing the risk of compliance failure in a small volume that is a fast read. Despite the great breadth of issues and the uncertainties that go along with tackling this challenging topic, the book is well structured and should be considered timely reading for anyone involved with an organization's informational strategies. TITLE: Information Nation: Seven Keys to Information Management Compliance AUTHOR: Randolph A. Kahn, Esq. and Barclay T. Blair ISBN ISBN abbr. International Standard Book Number ISBN International Standard Book Number ISBN n abbr (= International Standard Book Number) → ISBN m : 0-89258-402-5 PUBLISHER: Association for Information and Image Management The Association for Information and Image Management or AIIM (pronounced aim) is an international industry association focused on enterprise content management (ECM). (AIIM (Association for Information and Image Management International, Silver Spring, MD, www.aiim.org) A membership organization founded in 1943 devoted to creating industry standards and disseminating information about the document management industry. ) PUBLICATION DATE: 2004 LENGTH: 302 pages PRICE: $30 U.S. SOURCE: ARMA International Bookstore, www.arma.org/bookstore Gary Cox is the Reference and Public Service Archivist ARCHIVIST. One to whose care the archives have been confided. at the University of Missouri-Columbia. He may be contacted at coxgd@missouri.edu. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion