MoReq: the standard of the future? Want to understand what electronic records management systems (ERMS) should do? The Model Requirements for the Management of Electronic Records (MoReq) is a good place to start. (Setting Standards).
* defines and explains the MoReq specification
* identifies MoReq's strengths and weaknesses
* examines the specification's future
The Model Requirements for the Management of Electronic Records (MoReq) is a generic specification for systems designed to manage electronic records. It is not an official standard, but it can be used to design, select, and audit such systems. In practice, an electronic records management system (ERMS) might be a separate system or, increasingly, it is more likely an electronic document management system (EDMS) with ERMS functionality bundled on to it.
Cornwell Affiliates developed MoReq for the European Commission's Interchange of Data between Administrations (IDA) initiative. The authors, Marc Fresko and Martin Waldron, were assisted by a distinguished review panel drawn from Canada, France, Germany, Italy, the Netherlands, Portugal, and the United Kingdom. In addition, the requirements went through a validation exercise involving six public and private sector organizations drawn from three countries. The MoReq specification is designed to be pragmatic, easily used, and applicable throughout Europe.
MoReq's target audience is very broad, covering every economic sector and both business and public organizations. It may be used as the basis for
* preparing an invitation to tender (request for proposal) prior to purchasing an ERMS
* auditing or checking an existing ERMS
* preparing records management training and course material
* a teaching resource for academic institutions
* a product development guide that highlights required functionality for ERMS suppliers and developers
* a guide for records management service providers (i.e., outsourced services)
The MoReq specification is clearly laid out and structured. There are separate chapters covering classification schemes, controls and security, retention and disposal, records capture, reference, search, retrieval, rendering, and administrative functions. Other functions, such as managing non-electronic records, workflow, electronic signatures, encryption, electronic watermarks, and workflow, are also touched upon. In addition, the specification covers nonfunctional requirements such as ease of use, scalability, and technical standards. There is an entire chapter on metadata requirements.
Concepts and terminology are clearly explained. Within each chapter there are general statements to provide context and introduce ideas, followed by specific numbered requirements. Sensibly, given the breadth of potential use, the specification is divided into mandatory and desirable elements ("must" versus "should" clauses).
MoReq is sometimes called a "standard specification" but the publication describes itself more modestly as a "model specification." This is an important distinction. Users can add functionality relevant to the particular situation, or remove as required, the optional aspects from MoReq.
Anyone interested in the nuts and bolts of specifying or evaluating ERMS should read MoReq. For records managers who want to understand what an ERMS ought to do, MoReq is a good place to start. Thus, MoReq deserves to be widely used for teaching purposes. A future edition could be made more useful yet if it were restructured to separate technical requirements from service requirements and user requirements. It is likely that the specification would require modifications or additions to ensure a robust, practical result.
To understand MoReq's strengths and weaknesses, it is important to understand its origins. By the 1990s, the European Union (EU) became concerned that the United States' enormous competitive advantage in information technology (IT), the Internet, and e-commerce might leave the European economy at a permanent disadvantage. For example, Microsoft software applications were rapidly becoming the de facto standard for word processing and other office work worldwide, squeezing out local competition. It was clear that the next big changes would be in using information and communications technologies to deliver e-government and e-commerce. Would EU countries be able to compete, or would they be reduced to mere consumers of U.S.-developed products?
EU policy makers noted the strategic role the U.S. federal government had played in developing the Internet as a business medium. They proposed that European governments take a similar approach by actively promoting the infrastructure needed to support e-government and e-commerce. Success required a Europe-wide strategy.
IDA was one of a series of European Commission initiatives that resulted. IDA's mandate is broader than the technical problems of electronic records management. Specifically, IDA is dedicated to using advances in information and communications technology (ICT) to support rapid electronic exchange of information among EU member-state administrations. The objectives are to improve the European community's decision making, facilitate internal market operation, and accelerate policy implementation. Initially, IDA helped set up infrastructure, established common formats, and integrated new ICT-based business processes. It is now working to improve network services, tools, security, and interoperability, opening IDA to more sectors and, very soon, to the European economic area and EU applicant countries.
E-government and e-commerce by their very nature imply an enormous increase in electronic records. IDA managers recognized that the initiative needed to contribute to electronic records management. In 1996, IDA sponsored the first European DLM (donnes lisibles par machine, or machine-readable data) Forum designed to support electronic government in Europe, safeguard the information society's lasting memory, and provide European citizens with improved access to electronic information. The forum identified the need for comprehensive requirements for managing electronic records.
MoReq, published under the IDA initiative's banner, is regarded as the definitive European Commission state-of-the-art statement on managing electronic records.
MoReq was specifically designed with European member states' and businesses' needs in mind. But how effective has it been in meeting these needs, how is it being used, and what are the prospects of MoReq in a business environment that is global rather than continental in scope?
Remarkably few organizations appear to be using MoReq to design ERMS, although its use as a reference appears much greater. There are two main reasons for this:
1. The drivers for IDA are political, not commercial. In much of Europe, government agencies are falling behind in meeting their targets for e-government and, therefore, the need to manage electronic records is not as great as had been predicted. This is not surprising because e-government in Europe has been driven by the political agenda to "modernize government" and avoid being left behind by the United States and others, rather than by the quest to meet real operational needs. In some cases, government agency managers are dragging their feet because they do not see the point in doing more than the minimum necessary to keep their political masters happy. In other cases, more proactive public sector authorities are re-interpreting e-government targets by picking and choosing the business processes they engineer according to their own priorities and perceived needs. In either situation, electronic records management has a very low profile with decision makers. In these circumstances, it is easy for electronic records management to be dropped from the agenda altogether. In the medium term, it is probable that the volume of electronic records in European public sector organizations will increase and, therefore, create the business need to manage them systematically. But in the short term, MoReq may be ahead of its time.
2. MoReq has to compete with other solutions developed by national archives or other national agencies that are more directly useful. In the United States, the Department of Defense (DOD) started the trend by evaluating records management software against its own established criteria and publishing lists of applications that meet these requirements. With DoD 5015.2, in effect, the DoD bundled a standard and software evaluation into a single, user-friendly package. In the United Kingdom, the Public Records Office has a similar scheme. It has published a list of approved ERMS and several Requirements for ERMS. In Norway, law mandates the NOARK (Norwegian recordkeeping) specification for the government sector. Most national archives in leading industrialized countries have developed policies, guidelines, and functional requirements that are readily adaptable to private sector circumstances.
It is worth noting that evaluation teams in the national archives and elsewhere have likely read MoReq and incorporated features they found useful into their own national evaluation criteria. Thus, MoReq may have an indirect impact that is difficult to measure. The exception appears to be the Netherlands, where government organizations are using MoReq as one of many sets of functional requirements in implementing ISO 15489 records management standard.
MoReq in Make or Buy Decisions
When developing or selecting new systems, records managers face a choice: develop an entirely new bespoke system (i.e., build it themselves), or buy an off-the-shelf application. In most cases, organizations will prefer to buy off the shelf, which is where the combined standard-with-software evaluation scores. An off-the-shelf solution may only provide 80 percent of the functionality required, but the risks are greatly reduced. IT managers are well aware that a high percentage of bespoke development projects end in failure. Moreover, from the records manager's perspective, bespoke systems are seldom fully documented, whereas off-the-shelf systems tend to be better documented and supported over time, which helps reduce--but not remove--the risks attached to long-term preservation and access. More important, the availability of off-the-shelf systems that meet U.S. DoD 5015.2 or other standards has great appeal. Decision-makers know that such systems have been through rigorous, independent evaluation processes that would be expensive for any organization to duplicate.
[Editor's Note: For more on DoD 5015.2, see "Everything You Wanted to Know About DoD 5015.2" in the November/December 2002 issue of The Information Management Journal.]
MoReq might be useful when deciding between software applications that have been certified as capable of managing electronic records, as its comprehensive list of requirements could be used as an aide memoire or prompt during this process. However, most people will prefer to start with an analysis of their organization's individual business processes. For example, MoReq cannot provide answers to such basic performance requirements as acceptable retrieval times which, in fact, are likely to be critical in deciding among otherwise suitable software applications.
In some situations, such as integrated financial management systems in the public sector, a bespoke solution may be necessary or preferable because of a sector's special requirements. For bespoke systems, however, MoReq's length is a key issue. It is difficult to imagine many IT directors showing much enthusiasm for adding another 128 pages of electronic records management specifications to a new system's already substantial mainstream requirements. The cost would be significant, and unfortunately, most organizations regard records management as an occasionally useful, but not particularly valuable, service. This attitude may change as a result of the Enron, WorldCom, and other scandals that are connected with poor records management controls, but consideration should be given to developing shorter, more focused subsets of MoReq that might have greater appeal in specific industries, including the public sector, pharmaceuticals, nuclear industry, and general business. However, the MoReq specification's market is likely restricted to wealthy organizations that need and can afford a bespoke electronic records management solution.
Another potential use of MoReq is as a communications tool for achieving corporate buy-in. MoReq explains concepts well, with a minimum of technical jargon, and provides reasons for each group of requirements. In this context, the comprehensive scope of the requirements turns into a benefit. The document may have a useful career--either in its original format or "cannibalized"--in explaining electronic records management issues to IT directors, senior management, and other stakeholders who need to know more about the subject than just the high-level issues. Events may show that MoReq has the greatest potential and benefit for a wider audience in this area.
MoReq's Future as a Standard?
Will MoReq become the basis for an international requirements specification standard? Some consider MoReq a type of standard and it is, in the sense of being a yardstick of quality. But a true standard must be accepted by a practitioner community, either because it is required by law (as with NOARK in Norway) or because everyone agrees to use it. Good standards provide useful solutions in fields where common conventions are important and make sense. A standard is successful if it solves technical problems, formalizes solutions, and the market accepts it.
What are the chances of MoReq meeting these criteria? MoReq does successfully solve a technical problem and formalize a solution, but the problem is not vital to the conduct of business. For example, businesses exchange e-mails or documents using ICT standards every day, without needing to use a common electronic records management specification standard. Each business or organization can effectively act as an island with regard to specifying its ERMS without penalty.
As for the third criterion, acceptance by the market, a standardized electronic records management specification's main benefit is to lower procurement costs by minimizing the work needed to produce technical specifications. This issue is being addressed at the national, not the international, level. In the European Community's public sector, the area where MoReq could have had the greatest impact, European governments have not made compliance with MoReq a requirement for procurement decisions, but instead have chosen to develop their own specifications. Outside Europe, MoReq is still relatively unknown.
The main beneficiary of an international specification would be the ICT industry, especially those suppliers wishing to develop ERMS or electronic document management solutions that will be marketable in different national contexts. Such a specification would relieve suppliers of the cost burden associated with product certification by individual national archives. In addition, an internationally accepted specification would facilitate a global market for ERMS.
Essentially this is a free trade issue. Given the United States' continuing dominance as both a solutions developer and a product market, the attitude of the North American ICT industry is likely to be key. Unless the international ICT industry, and in particular the U.S. ICT industry, adopts MoReq, it is unlikely to have a significant impact, however well-thought out and well-written it may be. Thus, the next step for MoReq's developers should be clear if they want the initiative to form the basis of an international standard: Develop the business case for an international ERM specification and sell the concept to the ICT industry. The choice is stark: Make the leap to an international standard or allow MoReq to die.
READ MORE ABOUT
"Archiving Web Resources: A Policy for Keeping Resources of Web-Based Activity in the Commonwealth Government (revised January 2000)" Available at www.naa.gov.au/recordkeeping/er/web_records/intro.html (accessed 13 January 2003).
"Designing and Implementing Recordkeeping Systems (DIRKS): A Manual for Commonwealth Agencies (Australia)." Available at www.naa.gov.au/recordkeeping/ dirks/dirksman/dirks.html (accessed 13 January 2003).
Fresko, Marc and Martin Waldron, Model Requirements for the Management of Electronic Records (MoReq). Cornwell Affiliates plc, 2001.
DLM Forum. Available at http://europa.eu.int/ISPO/dlm (accessed 13 January 2003).
IDA Home Page. Available at http://europa.eu.int/ISPO/ida (accessed 13 January 2003).
"Joint Interoperability Test Command Records Management Application (RMA)." U.S. Department of Defense. Available at http://jitc.fhu.disa.mil/recmgt/#standard (accessed 13 January 2003).
Model Requirements for the Management of Electronic Records (MoReq). Cornwell Consultants in Management and IT. Available at www.cornwell.co.uk/moreq.html (accessed 13 January 2003).
NOARK Standard. National Archives of Norway. Available at www.riksarkivet.no/ english/electronic.html (accessed 13 January 2003).
U.K. Public Record Office. List of Approved ERM Systems. Available at www.pro.gov.uk/recordsmanagement/eros/Invest/listofapprovedsystems.htm (accessed 13 January 2003).
--. Requirements for Electronic Records Management Systems--1, Functional Requirements, 2002 Revision--Final Version. Available at www.pro.gov.uk/recordsmanagement/eros/invest/consultation.htm (accessed 13 January 2003).
--. Requirements for Electronic Records Management Systems--2, Metadata Standard, 2002 Revision--Final Version. Available at www.pro.gov.uk/recordsmanagement/eros/invest/consultation.htm (accessed 13 January 2003).
--. Requirements for Electronic Records Management Systems--3, Reference Document, Functional Requirements, 2002 Revision--Final Version. Available at www.pro.gov.uk/ recordsmanagement/eros/invest/consultation.htm (accessed 13 January 2003).
Piers Cain is a founding partner at Missenden Consulting and has served as international liaison member of the International Organization for Standardization (ISO) Technical Committee 46, Sub-Committee 11 Archives/Records Management. He may be contacted at firstname.lastname@example.org.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||Model Requirements for the Management of Electronic Records|
|Publication:||Information Management Journal|
|Date:||Mar 1, 2003|
|Previous Article:||The truth about taxonomies.|
|Next Article:||So you want to implement automatic categorization? Automatic categorization can be a powerful tool despite its limitations, but it is still important...|