Many people still think of the ERM system as a stand-alone system. In fact, the ERM system needs to be integrated with the many office and business applications within your organization. ISO/TR 15489-2:2001; Information and documentation -- Records management -- Part 2: Guidelines states that we need to examine our organization’s existing systems to determine what systems are in place and which ones capture records. Some of these will be records repositories, but many of them will be line of business applications which may create records but not manage them effectively. This assessment looks to determine whether records are being captured correctly, and if not, what needs to happen to ensure that they are. It also looks at both the technical and operational performance of those systems to determine whether they are as effective as they could be. Any gaps that are identified should be noted and used as part of the business case for the new system, and documented in our system requirements.

The first step in a technology assessment is to identify all of the applications in your organization that could potentially create records. Many of these applications may not, in fact, create or store records but it’s better to identify them early so there is no question later. These applications can be grouped for consideration into five categories.

- Enterprise. These are applications that are generally managed by a central IT staff and made available to the entire organization. The most well-known example of this today is probably email; these might also include customer relationship management applications, financial software and enterprise resource management applications.

- Business unit. For larger organizations, these might be similar to the enterprise applications – for example, a multinational corporation might have email servers in every country so as to not run afoul of privacy and data protection regulations. These might also be applications that are particular to that business unit because of what it does. For example, a research-focused business unit may have different applications than the product development business unit.

- Departmental. These are generally specific to a particular department. For example, in municipal government, the court departments might have a docketing applications, while the engineering departments might have CAD and project management applications.

- Stand-alone or end-user. Every user has some of these, whether they are simple desktop clients like browsers and PDF creation tools, or more complex applications required for their day-to-day use like project management or CAD applications. In many organizations, the records management program and most of its instruments are created using simple database applications like Microsoft Access or even spreadsheets like Microsoft Excel.

- Specialized applications. These are all the other applications that might cross organizational boundaries. Web-based applications might be listed here if they are allowed, as would applications required by a specific narrow group of users or a specific process that are unique in the organization.

Finally, it is important to consider integrations from two perspectives. First, if there are existing integrations in place, it is necessary to review them and the impacts on them of any additional technology changes. Often, applications are integrated using custom code, and any change to any of the applications could result in errors or the integration failing altogether. Second, this is also an opportunity for the assessment team to determine whether integrations between records management systems and other systems might be beneficial. If this is the case, the team would need to identify those requirements as part of the requirements analysis phase. Once all the applications have been identified, the next step is to examine their functionality to determine how they interact with records-related processes.

Some of these applications can be used to create documents or records, though, it is, by far, more common to draft documents and then capture them as records once they are published. Microsoft Word, for example, would certainly fall into this category, as would the email system (for at least some messages) and many of the line of business applications we identified earlier. Many of them are used to access and retrieve information, and, again, we must examine this in the light of the records program. It could be that there are compliance requirements that must be implemented in the application to ensure that unauthorized users cannot access certain types of information. Many of them store information, either in their own proprietary repository, a relational database, or using a combination of the file structure and security to mimic a repository. The points to identify here include who has access to the file storage area, who can change that access, what users with access can do to the files in the storage area, whether controls can be set up to prevent records from being changed or deleted, and so forth.

One important consideration is the capture of records from these other applications without user intervention. This will insure that the records are properly managed and available for quick access. The second consideration is having tight integration between these application and the ERM system to make it easier for users to capture their records.

Who has been successful in integratiing the ERM solution with their other business applications? What are your thoughts on the approach you used? What lessons have you learned in carrying out this effort?

Join us for an ERM Certificate course in:

• Silver Spring 03/23/10 - 03/26/10
• Tampa 04/06/10 - 04/09/10
• Chicago 05/11/10 - 05/14/10
• Toronto 06/22/10 - 06/25/10

Students who are Certified Records Managers (CRM) should apply for ICRM maintenance credits at a rate of 6.5 credits per classroom day!

Join us for an EMM Certificate course in:

• Silver Spring 05/04/10 - 05/07/10

We look forward to seeing you there!

Carl Weise – AIIM cweise@aiim.org

Also, visit www.aiim.org/training and www.informationzen.org – AIIM’s free social network created just for you.

Read the full story originally posted by AIIM Knowledge Center Blog.