Establishing a governance structure to control document

management behavior

Ark EDRM Evolution Conference April 18-20 Sydney 2007

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y What are governance structures?

• U.S. Department of Justice, Office of Justice Programs definition

“as the set of organizational regulations and standards exercised by management to

provide strategic direction and ensure that objectives are achieved, risks are managed appropriately, and resources are used responsibly. “

• Two types;1. Govern behaviour2. Govern communication about behaviour

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Technical governance structures….

• Audit trails

• Server data management/transfer including backups

• Security matrix

• Confidentiality level

• Policy and procedures on how to create, store, save, share and dispose of electronic information

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Communication governance structures….

Steering CommitteeProject ManagerWorking party

Funding body

Users Project team Records Manager

Records staff

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Why are governance structures important?

• You can add new text slides by clicking on the ‘new slide’ icon at top or by clicking Insert then New slide

• You can use the multiple slide view at the bottom to copy and paste slides.

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Benefits of governance structures…………

• Stakeholders have buy in by feeling they are heard

• Formalises and documents decision making

• Effectively implement complex IT projects

• Ensure a united vision of the outcome

• Channeling staff behavior to be legally compliant

• Harnesses expertise of many instead of one

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Influencing document control behavior…..

• Hardcopy1. Enforced policy and procedures2. Caveats

• Electronic1. Documented business rules2. Automate processes

• TechnicalSecurity matrix (example hardcopy)

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Who controls the documents?

• Hardcopy1. Records Manager

2. Librarian

• Electronic1. Systems Administrator

2. Document controller - policy

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Who governs document management?

• During implementation• Working party confirm• Steering Committee endorse• Change controls• Documentation ISO 10013-2003 compliant

• After implementation• Different staff have different roles defined

by document control procedure

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Communicating compliance culture

• Change management most important aspect of project

80/20 budget breakup

• Staged awareness/training program

• Reinforcement

• Report non compliance

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y

• Automate, automate, automate processes

• Report non compliance

Aligning compliance and business

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y Managing secure access

• Legislation

• IT ISO/AS standards

• Records regulations

“The ERMS should support as a minimum the security categories outlined in the Commonwealth Protective Security Manual.”

From National Archives of Australian ERMS specifications and guideline documents (2006) at http://www.naa.gov.au/recordkeeping/er/erms/ERMSspecifications.pdf

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

YC

HA

RLE

S D

AR

WIN

UN

IVER

SIT

Y References

• Hutton, D. (1994). The change agents handbook:A survival guide for quality improvement champions. ASQC Quality Press:Milwauke Image and Data Manager Jan feb 2007

• The federal Privacy Commissioners site at www.privacy.gov.au is an excellent resource of guidelines, precedent and interpretations

• National Archives and Records Administration (2005).Electronic Records Management Initiative:Guidance for Building an Effective Enterprise-wide Electronic Records Management (ERM) Governance Structure

• NT Government Records Management Standard - Records Security and Access (issued October 2003)http://www.nt.gov.au/dcis/nta/recordkeeping/ntg_security.html

• ISO 10013-2003 Guidelines for quality management system documentation

CH

AR

LES

DA

RW

IN U

NIV

ER

SIT

Y

Anastasia Govan

BA(IM)GradDip(Mgt)PCP AIMM MACS AALIA MRMAASenior Lecturer Charles Darwin University Information & Kowledge Management Director & Consultant Whitehorse Strategic GroupChair Australian Computer Society NT Executive Council

PO Box 2096, Darwin, NT, Australia, 0801Phone 0428836405agovan@whitehorsestrategic.com

Contact details

www.cdu.edu.au