Records Management (ISO 15489) Consultancy
One of today’s major challenges, with the almost exponential increase in document production, is records management. This explosive growth of information in all its forms is making it ever more difficult to capture and control. Increasing compliance requirements and litigation risks are calling for rigorous records management,
All types of organisations will process information and need to capture and control it, usually the larger the organisation, the bigger the problem.
Information that needs to be managed includes ‘structured information’ in databases and ‘unstructured information’ on paper and electronic files. This includes:
- transient documents;
- draft documents;
- documents of any type produced by employees using productivity tools (e.g. MS Office);
- output from blogs and other online fora.
This will include records vital to your business on a day to day basis as well as long-term records that must be retained according to either legislative (including ‘Legal Hold’ requirements) or corporate document retention requirements.
BCRM’s objective is to help you to:
- apply appropriate technology where it can help within your organisation;
- define, design and implement a records management solution tailored to your business;
- embed the chosen records management solution in your organisation;
- find the correct strategy for your information management issues;
- address the issue of ‘digital debris’ or ROT (Redundant, Obsolete or Trivial) information;
- identify the options for your information management issues;
- organise your information better;
- realise measurable business benefits.
BCRM covers records management as part of its information governance risk and compliance (GRC) in its widest sense, according to your needs. Legislation that is applicable in the UK includes the Data Protection Act (soon to be the General Data Protection Regulation (GDPR)) which is applicable to all organisations processing personal data with the Public Records Act applicable to government organisations and the Freedom of Information Act applicable to public authorities. In addition, there are regulatory requirements applicable to specific market sectors. GRC for records includes:
- data quality;
- information security;
- content control;
- naming and metadata standards;
- intellectual property rights (IPR);
- a well managed infrastructure supporting the records management process.
Whilst there has been a lot of discussion about the use and effectiveness of Electronic Document and Record Management Systems (EDRMS), BCRM refuses to be led by the latest vendor offering where the vendor is acting like the ‘Pied Piper’. We still believe there is a place in your records management system for an appropriately designed EDRMS that is business and NOT technology driven.. Our approach is based on the internationally accepted Deming cycle of:
that many of the major management systems standards have adopted.
BCRM can provide services at all stages of your records management programme. We can help you with:
- developing business cases;
- project scoping;
- initial gap analysis;
- analysis of existing systems;
- developing strategy;
- record management reviews;
- strategy option review;
- project development and implementation;
- defining a records management architecture;
- defining system requirements, including technical architectures;
- building a records management framework;
- developing policies, processes and procedures to support the framework;
- assisting in system design and development or purchase;
- training employees, as appropriate
- auditing records management systems;
- continuous improvement of your records management system;
- recommendations for improvement of existing systems;
- defining record retention schedule;
- identification of digital debris nd ROT information;
- implementing date culling housekeeping procedures;
- project management.
BCRM uses ISO 15489 and DIRKS as the basis for our records management consultancy.
The DIRKS methodology is an eight-step process for Australian Government Agencies to use to improve their records management and information management practices, including the design and implementation of new records management systems. The methodology is compliant with, and expands on, the methodological framework of the Australian Standard for Records Management, AS ISO 15489.
The DIRKS methodology, as adopted and adapted by BCRM, will help you to:
- understand your business;
- understand the regulatory and social context in which it operates;
- understand how your business works including its data flows and record types used both internally and from outside sources;
- identify the need to create, control, retrieve and dispose of records within your business;
- assess the extent to which your existing organisational strategies satisfy your needs for records management;
- redesign existing processes and procedures or design new ones to address any identified non-conformances;
- develop a record management system based on agreed strategies;
- implement the record management that you define;
- review the implementation to see if it meets the defined system objectives;
- undertake a process of ongoing audits against internal policies and procedures;
- implement a process of continuous improvement.
This approach gives you a number of practical tools that can be used to underpin good records management. It provides the essential framework to:
- adopt appropriate metadata standards for control and retrieval of records;
- compile a functions-based records disposal process for records unique to your business;
- construct organisation specific classification tools;
- design or select records management tools to create, control, retrieve and dispose of your records;
- develop a business classification scheme that identifies, labels and defines the unique functions and activities of your organisation;
- establish a business case for records management;
The BCRM approach builds operational resilience by ensuring that your records (both paper and electronic) are::
- aligned with your business needs;
- appropriately protected against unauthorised access, modification, erasure or disclosure;
- correctly documented through their complete life cycle;
- demonstrating compliance verified by a third party Conformance Assessment Body;
- easily accessible;
- interoperable between disparate systems, including external and collaborative partners and suppliers;
- subject to processes and procedures for records management that are documented and tested;
- transparent in the disposal process;
- subject to a public statement that you have addressed records management and information security needs of your, and your customers’, data;
- subject to managing and treating significant risks to reduce them to an acceptable level in line with risk appetite;
- properly maintained;
- traced to from creation to disposal or archiving.
- BCRM are justifiably proud of our 100% SUCCESS RATE, of achieving first time certification through an Accredited Conformance Assessment Body for our Clients;
- BCRM is committed to providing a consistently high value service to our Clients;
- David Lilburn Watson, who remains personally ‘hands-on’ throughout the process, manages this process.
- to understand how the BCRM suite of offerings can be used to transform your business, please contact us
- we look forward to discussing your specific requirements, at your convenience;
- whatever other type of consultancy you require, we can possibly offer a free Health Check.