Records management's interactions with information governance stakeholders.

• Author: Saffady, William
• Position: BONUS CONTENT - Editorial

Editor's Note: This excerpt from Information Governance Concepts, Requirements, Technology, to be published by ARMA International in late 2016, describes how records management professionals interact with the other key information governance stakeholders: information technology, information security, risk management, compliance, legal affairs, data science, and archival administration.

Communal pursuit of organizational interests is a principal characteristic of governance initiatives. A siloed approach, in which stakeholders operate independently and--in some cases--competitively, is not compatible with effective governance.

Information governance must promote interaction, cooperation, and consultation among stakeholders [i.e., records management, information technology, information security, risk management, compliance, legal affairs, data science, and archival administration]. In the absence of communication and coordination, a given stakeholder may implement policies, make decisions, or take actions that adversely affect other stakeholders. An action that improves the efficiency or effectiveness of one information-related operation can have unintended consequences elsewhere in an organization.

To maintain efficient operation of its e-mail servers, for example, an organization's information technology unit may routinely delete messages that are more than six months old, but the potential destruction of messages with evidentiary value poses problems for litigation support and regulatory compliance.

Similarly, a marketing department may want multi-decade retention for customer order information, but long retention of personal information about customers can pose problems for information security and may violate national data protection laws.

IG Takes a Broad View

While individual stakeholders understandably focus on their own responsibilities and operations, information governance takes a broader view. An information governance program must assess the organizational impact of local actions and balance the competing agendas of individual stakeholders to achieve results that are in the common interest. It must encourage dialogue, synergies, and consensus-building to identify potential problems, minimize disagreements among stakeholders, and resolve conflicts.

The following section discusses records management's involvement and interaction with other information governance stakeholders for specific information governance activities and business processes. The discussion is summarized in a responsibility assignment matrix--a so-called RACI chart [on pages B52-B53]--that identifies:

* The stakeholder unit that is responsible (R) for doing the work associated with an activity or business process.

* The stakeholder unit that is ultimately accountable (A) for correct completion and approval of the activity or business process.

* The stakeholder units that must be consulted (C) for information or advice about the activity or business process.

* The stakeholder units that are to be kept informed (I) but not formally consulted about the activity or business process.

In the RACI chart, the responsible and accountable stakeholders for a given activity or business process are identical but, within a given stakeholder unit, different employees may be responsible for doing the work and accountable for its correct completion.

In an information technology unit, for example, systems analysts or technology planners may be responsible for evaluating and acquiring specific computing or networking services, but the chief information officer or other unit head is accountable for correct completion of that task.

Similarly, staff attorneys in a legal affairs unit may issue holds to suspend destruction of information deemed relevant for litigation, but the general counsel or a comparable legal official must ensure that the holds were correctly issued.

If an organization has appointed a chief information governance officer or designated another high-level official to head its information governance program, that person may be accountable for many or all of the listed activities and business processes.

Records Managements Interaction with Other IG Stakeholders

With its enterprise-wide scope, records management affects and is affected by the responsibilities, interests, and activities of other information governance stakeholders. As the responsibility assignment matrix indicates, records management consults with and informs other stakeholders about specific activities and business processes for which it is accountable and responsible:

With Information Technology

Records management consults with information technology to identify technological issues and concerns related to specific retention rules, storage formats and media, and disposition processes. In many organizations, electronic data is stored on servers that are operated or supervised by the information technology...