Nov 30, 2020 | Blog
As Information management consultants we engage with organisations to help them create, review and implement complex information governance frameworks. Many of these organisations are subject to frequent and recurring administrative and organisational change. These changes present significant challenges for continuity of information access.
Recently we undertook a large information governance project for a government department who had undergone administrative restructuring. Key challenges for the department were:
- The provision of a single, shared technology platform, and
- the transfer of data into the shared platform and applications.
Additionally, we are seeing government business operations being outsourced. This has been common practice for the past few years for the delivery of infrastructure assets, but is now becoming more frequent for delivery of services. This has profound implications for information governance frameworks. Information creators are separate entities – with their own systems, metadata and data governance practices. But from the point of view of the responsible government agencies, the resulting physical and information assets must be returned to public custody once the infrastructure is commissioned or services delivered. The issues of information governance become increasing complex across multiple organisations. Information governance therefore requires policy settings, understanding what information assets have been created, where they are held, who administers them.
For the information custodian or owner, the resulting information assets needed to be governed, identified, secured and made accessible to operational staff. Often there were some basic metadata standards and transfer protocols established under contracts. This can make the transfer of data easier, but data migration may not be the best or complete solution. It’s becomes increasingly important to maintain relationships between data and the creating entities (the private providers) for data integrity.
In addition, there is the difficulty within the government agencies to have information governance staff with the right skills and authority to support implementation and delivery of frameworks and associated activities, and to raise awareness of information governance requirements
For managers the information framework is complex. Frequently the business rules on information governance are unclear and there is poor visibility at the executive level. There is a policy in document format, but how is this implemented; who can access data; what are the requirements for security and privacy protection; what are the rules on overriding security settings when regulators and auditors request access; who owns the data?
This is not just a compliance issue, it is about the struggle organisations have to document all of their information, where it is, who controls it and how to apply governance.
“Eat the Data: Reclaim the web, #CNIE2014 keynote by @brlamb expertly DJd by @draggin” by giulia.forsythe is marked with CC0 1.0
We have been seeking tools and systems providing visibility of the datasets and dataflows, to understand who and how data is used, assess data quality, identify risks and prioritise remediation.
Recently we worked with Informatica’s solutions to provide discovery and visualization of information assets. Their AXON product provides a dashboard providing graphical display on information assets, business term definitions, enabling business context and policy documentation. It provides executive management with the ability to gain useful insight into organisational information assets. We believe this is a new way of providing managers with the insight they need to manage information assets, to better understand the information framework and to use data to assess and mediate risks
We’re looking for ways to use automation for better business analysis. We want solutions that provide a sustainable solution. Recently we participated in a webinar with Informatica’s Data Governance Practice lead to explore emerging options for the issues we are seeing in our client base.
The link to the webinar is available here.
About the Author
Kerry Gordon is a Director and Consultant with Recordkeeping Innovation. She works on digital recordkeeping and archives for clients in Australia and SEAsia. Kerry delivers regular training programs in records management and managing digital records. Kerry has a Masters Degree in Information Management from Monash University, Melbourne and has experience in developing large scale strategic studies for digital transition, classification and retention, managing administrative and organisational change, project management and communications supporting information governance.
Nov 19, 2020 | Blog
Retention labels in Microsoft 365 (M365) provide organisations with the ability to apply retention controls to documents through the solution interface. Unlike retention policies, when a retention label is published end users can view and apply retention labels themselves.
To understand how retention labels can be used to support your retention requirements, let’s look at how they can be configured. Retention labels can be set to keep content forever, start a disposition review, or dispose of content a certain period after the following retention triggers:
- the content was created
- the content was last modified
- an event (we will take a look at event-based retention in a later blog)
Retention labels also have the configuration option of classifying items as ‘Records’ or ‘Regulatory Records’ once the label is applied. Once an item is declared as a record, certain restrictions are placed on actions that can be performed, such as editing record content.
Retention labels can be imported as a file plan. Please note that in our experience when importing from CSV there appears to be a 36-character limit per cell for the import. As such, if using the file plan import organisations may wish to leave Comments, Notes, Reviewer Email and Citation URL’s blank and manually add this information to labels after import. Event-based retention labels also need to be manually created.
In order to use retention labels, they must first be published to a retention label policy, which we will focus on in a future blog.
The following rules apply to published retention labels:
- only one label can be applied to an item
- if a label is manually assigned, it can be changed by end users (I.e. you cannot prevent people from modifying the label assigned)
- if an auto-apply label is assigned, end users can apply a manual label instead
- if a manual label has been assigned, an auto-apply label cannot replace it
- if an item meets the conditions of multiple auto-apply labels, the label with the longest retention is applied
Disposition Reviews
A major benefit of using retention labels is the disposition review feature (only available to E5 licences with access to Advanced Information Governance). Where a Reviewer Email has been set on a retention label, once a record with that label applied passes its retention period the reviewed will receive an email notification asking to review disposal.
Pending dispositions can be viewed in the compliance centre, with Reviewers given the option to:
- permanently dispose of the item
- extend the retention period
- apply a different retention label
Proof of disposition is maintained for 7 years, and is based on Unified Audit Log data.
Organisations however may find that there are gaps in metadata required to be captured for proof of defensible disposition.
In the next part of our series we will look at event-based retention in M365.
About the Author
Adelaide Copland has worked as an information specialist and CM/TRIM application administrator since 2014. Adelaide has experience in Microsoft 365 implementations, process improvement, records training delivery, development of policies and procedures, strategy and establishing digitisation programs.
Nov 4, 2020 | Blog
World Preservation Day 5/11/2020
Did you know that the first Thursday of November is celebrated as World Digital Preservation Day (WDPD). WDPD allows preservation experts across various industries to come together and raise awareness of digital preservation initiatives and societal benefits of preservation.
The world in which we work today is largely digital. Digital information and records are growing exponentially every day, and appropriate strategies need to be developed and implemented to ensure appropriate records and information are preserved over time. As we live through the COVID-19 pandemic, it’s evident that evidence of worldwide organisational and social responses to the pandemic are likely to have ongoing historical, social and research value. So how do we ensure that relevant records and information are maintained and preserved for future generations?
In a past blog, we talked about digital preservation. In it we discussed what preservation means, its importance, and resources to support digital preservation programs and initiatives. The Digital Preservation Coalition act as champion of WDPD, and provide a plethora of resources to help organisations get their digital preservation journey underway. The Digital Preservation Handbook is a great starting point for organisations wanting to understand what preservation involves.
Before you get started it is important to understand:
- the digital records and information assets your organisation owns
- the repositories (i.e. systems) that house your records and information assets
- retention requirements for digital records and information assets
- organisational expertise and technical capacity to carry out digital preservation activities
From this, organisations can develop a digital asset register which can provide a clear and concise view of digital assets it owns. Having an understanding of organisational readiness will also help to inform preservation next steps, and whether external expertise is required to support your preservation journey.
If you’re looking to start your preservation journey and need some support the team at Recordkeeping Innovation can assist you. Learn more at http://www.records.com.au/
About the Author
Adelaide Copland has worked as an information specialist and CM/TRIM application administrator since 2014. Adelaide has experience in Microsoft 365 implementations, process improvement, records training delivery, development of policies and procedures, strategy and establishing digitisation programs.
