The strengths and weaknesses of the information governance approach to records management

By James Lappin posted 03-22-2014 07:52


It is clear that a new records management approach is emerging.   We can see the signs:

  • a new set of tools has emerged that seek to enable organisations to mitigate and adapt to the the fact that their records are largely held in places such as e-mail accounts, shared drives and SharePoint team sites that are difficult for the organisation to manage.    In contrast the previous records management approach (the electronic records management approach) sought to move records out of these repositories into an environment that was easy for the organisation to manage - a standards compliant electronic records management system
  • a new set of beliefs are forming about records - the belief that the burden of records management on end-users should be minimised. The belief that end-users cannot be relied upon to make consistent decisions on whether or not particular documents or e-mails needs to be captured as a record.  The belief that organisations should no longer try to distinguish between records and non-records, records systems and non-records systems, but should instead realise that all content they hold needs to be managed and accounted for.
  • new guidance has been issued from influential bodies - the US National Archives has told federal agencies to designate the e-mail accounts of key staff for permanent preservation if they have not been able to find an alternative way of routinely capturing important e-mails as records.   It has asked agencies to innovate and to look for new ways of automating records management to reduce the burden on end users.  It has asked vendors for their ideas and help for ways of automating records management
  • new professional groupings are forming which are exploring, promoting  and extending the new model most notably the Information Governance Initiative founded by Barclay T Blair, and the Next Generation records management blog formed by Don Leuders and others.

The best way of understanding the new approach is to compare it with what has gone before.   In the history of records management  we have had periods where the profession has had a coherent approach to offer organisations, interspersed with periods of disruption during which technological and communications developments have made an existing approach untenable:

  • The registry approach  (1950s to early 1990s) In the paper age the registry approach involved employing teams of records clerks (grouped into 'registries') to maintain files and place correspondence and documentation onto those files.     This meant in effect that an organisation of 1,000 people that wanted good records management across all its activities would deploy around 40 people to capture all the records of the organisation.  Post would arrive in a post room and then it would be sent to a records registry for filing before being delivered to the individual addressee for action.
  • The disruption of the arrival of e-mail (1993 to 1999)   The arrival of e-mail meant it was no longer possible to route the flow of incoming and outgoing correspondence through registries - instead correspondence went directly from sender to recipient with no space for intermediaries
  • The  electronic records management system approach (2000 to 2007).  With this approach an organisation asked every individual within the organisation to declare every important e-mail/document that they created or received to the electronic records management system.   This in effect means that an organisation of 1,000 people was asking all 1,000 people to take decisions on what gets captured as a record and where it is placed within the records classification/filing structure.  The  benefit was that every document declared into those systems were well described and well governed.  The problem was that records capture was no-longer routine and no longer integrated into the process by which people exchanged written communications.  Instead records capture was an after-thought, dependant on the motivation, awareness and workload of individual staff.
  • The disruption of the rise of SharePoint (2008 to 2011)  the rise of SharePoint destroyed the market position or electronic records management systems by capturing the collaborative space, without in itself offering a workable records management alternative.
  • The information governance approach (2012 -  )  in this emerging approach an organisation gives a central information governance or records management unit  tools to index/apply classification and retention rules to / clean up/ the various  applications/repositories that the organisation is using.  This means an organisation of 1,000 people is asking 3 or 4 members of staff to make records organisation and disposition decisions for the whole organisation.


Strengths of the information governance model

Ability to deliver quick wins

The main strength of the information governance approach is that it enables organisation to take pragmatic measures in the short term to tackle key pain points or cost points:

  • If they are paying a fortune keeping their entire shared drive on expensive first tier shortage they can use analytics tools to identify redundant, outdated, trivial or rarely looked at content and either dispose of it or move it to cheaper storage.  Organisations often lease such tools on a short term basis for particular projects/cases, rather than taking out perpetual licences.
  • If organisations are facing problems responding to eDiscovery requests they can deploy (or their eDiscovery service provider can deploy) an indexing engine to index shared drives, e-mail accounts and SharePoint sites; apply legal holds; and support the review process

This is a contrast with the electronic records management system approach which typically took several years before beginning to deliver benefits.

Less need for change management

The second strength of the approach is that it is not dependent for its success on end-users changing their behaviour.   In-place records management tools and SharePoint records management  plug-ins, and to an extent e-mail archive systems, allow the application of records classification and retention rules without end users leaving the applications that they work in.   It isn't that these tools have no-impact on end-users (they might require an end-user to act when creating a new folder/document library for example), but they have far less impact than the electronic records management systems approach.

The problem with the electronic records management system approach being so dependant on end-users changing their behaviour was not so much the resource implications of the training necessary.    It was the fact that there was no certainty that the change management would succeed.  A significant number of electronic records management system projects were abandoned due to lack of user buy-in.

Possibility of extending, rather than abandoning, electronic records management systems

Another strength of the information governance model is that it enables those organisations that did manage to establish electronic records management systems to extend the reach of those systems to shared drives, e-mail accounts and SharePoint sites.   This could be done by using an analytics/indexing/clean-up/in-place records management tool to move selected content from repositories such as shared drives into the electronic records management system.


Weaknesses of the information governance model

Lack of a fully worked through theory

The information governance model is an emerging model, it is still not fully worked through.  In particular there is no coherent body of theory and guidance yet.   As an illustration of this we saw in 2013 the US National Archives appealing to vendors for ideas on how to automate records management.  This is in stark contrast to the situation at the end of the 1990s when various national archives around the world were specifying to vendors exactly what functionality an electronic records management system should have.

Focus on the compliance requirements of external stakeholders at the expense of the day-to-day needs of internal end-users

If one of the main strengths of the information governance model is the reduction in burden on the end-user, the main weakness of the model is a lack of clear benefit for end-users.

For example:

  • indexing engines (such as those provided by Nuix and Zylab) act in effect like an enterprise search engines, albeit with the additional ability to be able to  take action on content rather than simply find content.  They can be shone across e-mail servers, shared drives, SharePoint, line of business systems etc.   But unlike enterprise search engines these indexing engines are not intended for end-users.  They are intended for central administrators and those charged with dealing with eDiscovery and access-to-information requests.   Most organisations buying indexing engines such as Nuix do not provide end-users with an interface to these products. Providing such an interface is not feasible because the whole point of such tools is that they can be used to search 'dark data' - material in e-mail accounts which contain a mixture of harmless,useful, harmful, useless and private content.  This means that indexing engines can be used by administrators/legal counsel to service the needs of external requestors (often hostile to the organisation), but cannot be used to service the day -to-day information needs of internal users who wish, for example, to know what a predecessor had said to a particular stakeholder/customer/client/citizen/lobbyist/regulator.
  • Electronic records management systems aimed to create an electronic 'file' that told the whole story of a piece of work (much like good paper files used to), and that functioned as a single point of reference for that piece of work.  In other words they were trying to 'shape' the way records accumulated in a way that was useful (or was thought to be useful) to both the individuals carrying out that work and any future stakeholders.  In contrast in-place records management tools attempt to apply policies (classifications and linked retention and perhaps access rules) to content held in different repositories. They are not looking to shape the way records accumulate.   They are not looking to create a single source of reference for a particular activity.  They are instead looking to make sure that the organisation can apply an appropriate classification and retention rule to all content.

The lack of focus on the information needs of internal end-users is not surprising.  This is an information governance approach that is being adopted as a records management approach.   Information governance and records management are different professional perspectives, with different histories and aims.  Neither can be reduced to the other without giving up some of its core aspirations.  

The aspiration that records management is giving up if it takes the information governance approach as it is, without adding to it or reshaping it, is the aspiration to design records systems that are equally as useful  for the day-to-day needs of internal end users as they are for compliance with the requirements of external stakeholders.   The information governance model, as it stands at the moment, has a strong emphasis on the latter to the neglect of the former.



04-03-2014 09:41

Hi Susan
I think with the analytics tools and with in-place records management tools it is more likely to be central information governance/ records management staff using them, rather than local records co-ordinators/ champions. These tools are very powerful but also quite complex in that they give such a range of choices and options to the administrator. I don't see organisations being able to train local records management co-ordinators/champions in their use

03-24-2014 19:01

Enjoyed your observations on information governance(IG). Can you elaborate on your comment that with the IG approach, "… an organisation of 1,000 people is asking 3 or 4 members of staff to make records organisation and disposition decisions for the whole organisation.” Are you thinking of the Records Manager and staff or are you thinking of the records coordinator/champion network that has dotted line responsibility to the records manager or a new compliance group?