When I think back to this time last year, I’m shocked by just how different things are since the start of COVID-19. Businesses have gone through major shifts in record time - projects like moving to a remote office environment that often takes months to complete were carried out in just a few days or weeks.
In this series, we've been exploring the intersection of IIM policy and the law in order to help IIM practitioners and legal specialists work together more effectively by gaining a better understanding of the relationship between the two. So far, we've covered: Part 1 - IIM Policies and The Principle of Hearsay Part 2 - IIM Policies and "Ordinary Course of Business" Now, let's compare IIM policies to contracts.
Making an ECM implementation successful requires planning and attention to detail. The best way to create the right solution is to identify organizational goals and priorities. Learn how to manage a successful implementation in our free guide.
In this series, we've been exploring the intersection of IIM policy and the law. The idea here is to help IIM practitioners and legal specialists work together more effectively by gaining a better understanding of the relationship between the two. In my first post, where we explored the principle of hearsay, we left off asking about the relationship between IIM policies and the "ordinary course of business." So, let's take a look.
Back in the day, when work was centralized in locations and on devices “within” the enterprise, it was reasonable to assume that control could most effectively be maintained by managing security at the firewall. Information security was largely a function of “keeping the bad guys out.”
Every so often, IIM practitioners and lawyers cross paths. One such intersection is around policy writing. As practitioners modify and improve their IIM policies, it's important to keep in mind how those policies specifically relate to the law. Understanding that relationship better will help IIM and legal specialists work together more effectively.
Too often, I hear IIM professionals complain about this issue. "People aren't reading our IIM policy," they say. "I wish our organization forced everybody to read the policy. That way they would know what the IIM requirements are." My response is always the same: Given the choice, 99% of the people in your organization will never read your IIM policy. Get used to it. That is not going to change. It's not a bad thing.