Effective records information management (RIM) is a strategic resource for a company as it helps the Chief Executive Officer and management team to manage and analyse both physical and electronic records. As a result, it is important to understand what principles underpin an effective RIM system because information is one of the critical assets for most companies.
RIM is the secure and effective administration of all business records throughout their lifecycle. This process includes identifying, classifying, storing, securing, retrieving, tracking, destroying or permanently preserving records and other forms of information.
It is important to remember that records document important business events and can include contracts, budgets, purchase orders, memos, e-mails, instant messaging logs, web site content, customer service records, images, videos and marketing material. These elements can be generated and stored in either paper or electronic format.
The effective management of records throughout their lifecycle is essential for critically important areas in a business including enterprise information management, business intelligence, business analytics, regulatory compliance and disaster recovery.
As a guideline, all business owners must aim to adhere to the following principles of RIM to ensure an effective process:
Accountability: The RIM process should be assigned to a senior executive, who should be accountable for managing the information governance programme (IGP). This person should be responsible for developing and implementing RIM policies, as well as for ensuring system auditability. Equally, all managers should be accountable for information governance, RIM, budgets and costs in their respective areas of operation.
Integrity: Working with a trusted records management partner is essential to ensure that the records generated or managed by or for the company have a reasonable guarantee of authenticity and reliability. Together with its RIM supplier, the company should identify technologies and processes that will provide suitable guarantees of integrity.
Protection: The company and its RIM supplier must ensure a superior level of protection for official records and business information that is private, confidential, privileged, secret or essential to business continuity.
Compliance: The company’s IGP must comply with all applicable and jurisdictional laws and regulations, as well as the company’s own policies. The challenge here is not so much in developing an appropriate programme, but in ensuring compliance across all forms of information repository.
Availability: Records and information should be managed in such a way as to ensure that they can be retrieved accurately, timeously and efficiently whenever needed.
Retention: Records and information should be maintained for a statutory period but no longer. Retention schedules should take into account business, legal, regulatory, fiscal, operational and historical requirements.
Disposal: Records and information should be slated for disposal if they are no longer required for regulatory purposes, no longer have any business value, or potentially create a liability for the business.
Transparency: The company’s IGP should be implemented in an understandable, accessible and defensible manner, and reports on the programme should be readily available to both internal and external stakeholders.
“The RIM lifecycle involves a number of different activities from the time a record is created until it is finally archived or destroyed. As a result, it is important for businesses to partner with a reliable RIM supplier to not only ensure the process is effective, but to also save time so that managers can spend more time on running other functions of the business,” concludes Clarke.