Managing electronic records is not simply a matter of procuring computer applications or systems. Solutions for managing content must be business-driven, not IT directed. To be successful, a systematic approach consisting of analysis, identifying business and system requirements, and identifying those solutions that can satisfy those requirements is needed.
ISO/TR 15489-2:2001 Information and documentation -- Records management -- Part 2: Guidelines provides an implementation methodology for Records Management projects. It includes the following eight steps:
Conduct preliminary investigation
In this step, the organization conducts an initial high-level assessment to determine its administrative, legal, and business environments so that it can determine how it will need to manage records. It will help to identify the records-related challenges the organization faces and understand what is doable within a particular time frame for the organization. And it will result in defining the scope of the program and the development of a high-level program charter.
Analyze business activity
This assessment has a number of goals and purposes. First, the assessment allows the project team to understand what the organization looks like in terms of its functional structure. This might be provided in the form of an organizational chart, or the assessment could result in the output of an organizational chart. Next, it attempts to determine how the organization actually works. Often, organization charts are either out-of-date or do not reflect the reality of how work gets done. The assessment seeks to determine which roles and groups perform which tasks and processes.
Identify requirements for records
The purpose is to identify the organization’s requirements to create, keep, and receive records of its business activities and to document the requirements in a structured and maintainable form. It results in a requirements document that can be used as the basis for designing the records system. This document will be based on a number of sources depending on the organization and the approach it takes to develop its requirements definition.
Assess existing systems
The purpose of this step is to examine the organization’s existing systems to determine what systems are in place and which ones capture records. Some of these will be records repositories, but many of them will be line of business applications which may create records but not manage them effectively. The assessment looks to determine whether records are being captured correctly, and if not, what needs to happen to ensure that they are. It also looks at both the technical and operational performance of those systems to determine whether they are as effective as they could be. Any gaps that are identified are noted and used as part of the business case for the new system and impact the requirements definition.
Identify strategies to satisfy requirements
In this step, the organization determines which policies, procedures, and tactics are necessary in order to create the appropriate records control framework. These vary depending upon an organization’s regulatory environment, business needs, and culture. At the end of this step, the organization should have a framework in place to ensure that records are created, used, and managed appropriately. This framework will then inform the design or updates to applicable records management systems.
Design records system
This step calls for designing the processes, tools, and systems required to implement the program according to the requirements and the governance framework. In this step, the project team will work with subject matter experts and users to produce a detailed system design. Outputs from this stage might include detailed project plans, documentation of changes to requirements, the detailed system design, including architectural diagrams and models, file plans, support plans, and the implementation plan.
Implement records system
The next step in the process of designing and implementing a records management system is the implementation of the system. In this phase, the project team will develop and implement the solution previous designed, including testing, piloting, and the actual implementation.
Conduct post-implementation review
The final step in the implementation framework espoused by ISO 15489 is to conduct a post-implementation review. This allows the organization to step back from the implementation process and review the system as delivered and the delivery process to identify gaps and areas for improvement. It calls for establishing a monitoring regime moving forward so that small changes can be addressed before they require big changes, and big changes can be anticipated and addressed in an orderly fashion (most likely with another iteration).