Blogs

To Support or Not Support the DoD 5015.2 Standard (Some pet peeves and views on the debate from a RIM practitioner’s perspective)

By Ronald Layel posted 06-10-2013 12:06

Recommend

I’ve recently read again the post by Don Lueders in AIIM Expert blog space and the counterpoint by Mark Mandel. Having attempted to post some rather long responses to both I found there is a word limit, so I had to edit them rather severly. This editing resulted in some lack of logical flow and loss of explanatory details, so I’m posting the entire set of comments here.

I love both Don Lueders’ detailed post on this subject, On Why I No Longer Support the DoD 5015.2 Standard, and Mark Mandel’s rebuttal, I Support DoD 5015.2; and Encourage ALL Federal Agencies to Adopt It, as I believe that a full debate on standards for IT systems creating and housing Official Federal Records is really needed. The have taken a position that others no doubt share; and both raise some really good points for discussion (both for and against), as other comments already posted indicate. I agree with many of Don’s arguments for throwing out 5015.2; but I do have a few pet peeves that these blogs brings to the fore:

1. Why are the discussions and serious work on standards for managing Government electronic records in the US always limited to DoD 5015.2, as though it is the only existing standard? As Don very convincingly points out, this standard is so outdated and inadequate in many ways. This is particularly noticeable when it is compared with others such as MoReq 2010, ISO 16175 and the Object Management Group’s Records Management Services (RMS) specification.

For MoReq 2010, I can only assume that it is the “NIH” factor (not the federal health institute) that keeps it out of wider adoption and even serious discussion in the US. In my view it addresses many of the problems cited with 5015. I don’t get why this is dismissed here as being just “the European standard”.

Likewise, the OMG RMS directly responds to one of the major problems Don raises with 5015 – i.e. it is essentially a standard for “stand-alone Records Management applications (which) haven’t existed for almost a decade”. As I understand it, the whole purpose of the DMS endeavor, which a consortium of NARA, federal agency Records & IT reps., and industry partners undertook, was to create a set of requirements and specifications for RM functionality that can be “baked in” to any system/application and that will run in the background as a service. For any standard/specification to be useful in today’s government IT/RIM environment, it must allow for a “manage in place” strategy that does not assume a centralized RMA repository for all electronic Official Records or valued information assets.

2. Why would anyone seriously interested in establishing a systems standard for federal government RIM/Information Governance (IG) think that DoD and their technology vendor community has all the answers? And why is it assumed that what may be required and workable for Defense will also be viable for the civilian federal government? Don’s piece cites several examples of where the 170+ functional requirements in 5015.2 are either irrelevant or over-engineered (particularly for civilian agencies). I’m obviously agreeing with Don on this one – and again making the argument for looking at other standards-making groups/endeavors rather than focusing so much on just this one, which was based on a couple of fundamentally false premises.

3. Why is the work and debate on systems standards for Record Information Management (RIM) in Federal Govt. dominated by EDM/ECM/ERM systems vendors and “industry analysts”? Correct me if I’m wrong, but don’t these analysts make their livings in large part by advising technology companies on how to position their products to maximize sales to government and private sector customers? I’m not directing this concern at Don, Mark and their industry colleagues, as their experience and insight is very much valued and needed. However, isn’t it about time that NARA and my colleagues (those of us who actually practice RIM & IG in government) step up and take the lead? I for one am very concerned that whatever standard emerges to replace 5015.2 (or even worse if 5015.2 should be mandated), must not be driven by what is in the best business interests of vendors, but rather by what is really required and what is workable for the government RIM/IG practitioners who will have to live with it and attempt to make it work. Further to this point, I fully agree with those who have earlier posted responses to your blog, that there was a huge opportunity missed when NARA and OMB did not take a more thoughtful and direct stance on these standards (including rescission of NARA’s prior “endorsement” of 5015.2 for use by civilian federal agencies) in the Managing Federal Records Directive (MFRD) issued August 2012. If they are not yet ready to adopt an existing standard (e.g. MoReq 2010, ISO 16175, or OMG-DMS), which I’m pretty sure they are not; then they should at least lay out a clear direction with milestone and deadline to get it done. Of course, I believe this new direction should require active participation by agency Records Officers/RIM/IG practitioners, while also continuing to involve industry/technology/consultant experts. By not addressing this in the MFRD NARA/OMB have perpetuated a huge dilemma for federal agencies – requiring in Federal Regulation (36 CFR 1236, Subparts B and C) the use of systems with “recordkeeping functionality” to effectively manage all electronic records, without clear definition of what that means and without guidance on how to implement it.

Thanks again Don and Mark for stimulating this discussion with your blogs! As indicated, I’m not ready yet to agree with every point in Don’s piece, but I definitely lean in the direction of doing away with DoD 5015.2 as a standard “endorsed” by NARA for use by civilian federal agencies. if time permits (and space on this AIIM Community site allows) I will follow this up with some point-by-point reactions to comments on the six specific requirements of Cutoff, Metadata, Email Records, Non-electronic documents, Record Relationships, and Metadata-based Security.

#ElectronicRecordsManagement #Records-Management #DoD5015.2 #RIM #ERM

4 comments

379 views

Comments

Mark Mandel

06-18-2013 15:24

"5015.2 is fundamentally flawed by its assumptions that all of an organization’s record information will be managed in some type of centralized and stand-alone RMA, EDM/ECM system. This has been an invalid assumption, and it doesn't seem at all likely to be feasible in the future in large organizations, particularly for the huge volumes of Temporary email records."
Ron, please look at the Department of Interior as an example of the centralized approach - ECM in the cloud, with email archive and records management. This is not only feasible, it is the best practice model for OMB 12-18.

Mark Mandel

06-18-2013 11:47

@Ron
I guess the answer to your latest reply is no to both questions.
I was using email as an example of how 5015.02 provides mandatory metadata standards - it also contains metadata requirements for digital photos, scanned images, electronic documents, web records, PDFs, classified records, FOIA requests, Privacy Act requests, transfers and more.
To me these mandatory metadata requirements represent the most significant benefit of 5015.02-STD compliance.

Robert Kornegay

06-18-2013 09:41

Once upon a time, records meant paper documents. They lived in file cabinets, and they were managed and maintained by secretaries, librarians and archivists who knew the rules, and applied them diligently. When space for more file cabinets ran out, the records were put in boxes, marked with a destruction date, and shipped out to a off-site records storage company. When the destruction date was reached, the off-site records storage company would take care of destroying it, and recording the fact that it had been done.
Today, IT departments are struggling to manage electronic records that exist in electronic form all over the business, often well beyond the reach of the traditional custodians. So we now need much wider “Information Governance Policies” to ensure that our corporate information (and our customers information) is secure and is easily located. In particular, businesses are increasingly faced with the possibility of high profile criminal, commercial and patent cases that hinge on evidence from electronic documents, from emails, and even from social network comments. So these records need to be “discoverable” and presentable to regulators and lawyers. And as the argument moves on from “how do we keep stuff?” to “how can we defensibly get rid of stuff?”, we need to examine what shape enterprise records management takes and, in the big data age, how do we keep a lid on the escalating costs of content storage?

As the non-profit association dedicated to nurturing, growing and supporting the Information Management community, AIIM is proud to provide this research at no charge. In this way, the entire community can leverage the education, thought leadership and direction provided by our work. We would like this research to be as widely distributed as possible. Feel free to use this research in presentations and publications with the attribution – “© AIIM 2013, www.aiim.org” Rather than redistribute a copy of this report to your colleagues, we would prefer that you direct them to
www.aiim.org/research for a free download of their own.
In this survey, we look at the risk profile around electronic records, the keep-all versus delete-all options, the international view of e-discovery, and the implications of social, mobile and cloud on RM policies. We also look at the development of enterprise-wide governance policies, and how they translate into system strategies.

Information Governace...Records & Information Management...2013

Paul Wester

06-13-2013 17:09

Thanks for this post, Ron!
The National Archives and Records Administration (NARA) is extremely interested in this discussion, and we're paying close attention to the opinions on all sides of this debate -- here and elsewhere.
We recognize that there are many powerful products on the market now, including DOD 5015.2 certified systems, and many agencies do make effective use of them to manage their electronic records. However, too many electronic records in the Federal government remain unmanaged. Too many agencies have not been able to procure and deploy existing systems, for one reason or another, and the National Archives believes that even in agencies that have electronic records systems, too many processes still rely on end-user intervention for all records to be consistently captured and managed.
We’re interested in better understanding what the hurdles are to managing electronic records well, addressing those hurdles, and ensuring that we find and share information about tools that meet our needs so that ALL electronic information is managed well. We want to work with all parts of the broader information management community, including AIIM, to figure out what steps to take so eventually all information can be managed effectively and access is maximized by default
Under the auspices of the Managing Government Records Directive, we are launching two initiatives intended especially to gather the opinions and expertise of the vendor and standards communities on these issues.
First, we want to find solutions and approaches that address agencies’ short term need for tools to manage their electronic records as automatically as possible to meet the Directive's 2016 and 2019 goals.
Second, we invite you to help us rethink the whole Federal information ecosystem for the long term. If there are opportunities to make dramatic improvements in the future by making more fundamental changes in our processes, structures, and mental model, we want to start working on that. In the long term, we envision a world we easily provide access to electronic information to anyone with the right to use it, for as long as that information needs to be accessible.
We will be inviting the AIIM community to submit your insights into how we can address these issues starting this summer. We will also be inviting vendors to present information about their solutions for ERM automation to Federal records and IT staff.
Details will follow shortly!
Paul M. Wester, Jr.
Chief Records Officer for the U.S. Government
National Archives and Records Administration