Guest contribution by Martin Waldron,
In-Form Consult Ltd; Managing Director
MGB MoReq Governance Board, Chair
Der erste Teil des Artikels erschien im Newsletter 20090325Newsletter 20090325. Die Teile 3 und 4 erscheinen in den nächsten Ausgaben des PROJECT CONSULT Newsletter. Der Beitrag wurde ursprünglich als Whitepaper für die Fa. EMC verfasst.Orientation
The objective of this paper
This paper aims to help the business executive reader to understand how MoReq2 will affect their corporate records management programmes.
The paper provides an assessment of the possible value and limitations of MoReq2 in addressing the challenges of specifying good records management practices for the complex e-information technology world of business.
What is MoReq2 and what is its purpose
Organisations across Europe have been subject to increasing pressure, through the demands of compliance and corporate governance, to manage their organisational records in a more disciplined way, and to make public the policies and procedures that they follow in order to do this. The European part of the AIIM 2008 Information Management survey showed that “Compliance and Risk Management” vied with “Improved Efficiency” as the main business driver for adopting a corporate records management programme. Organizations of less than 1,000 staff showed 31% identified compliance and risk management as an important driver against 36% for efficiency; over 1,000 staff the figures were 38% for compliance and risk against 28% for efficiency. Most organisations now have at least some records in electronic format, and as a result have demanded ‘Electronic Records Management’ software from IT vendors.
Over the last ten years electronic records management has established itself as a core discipline in organisations, and with that several ‘best practice’ guidelines have been produced at national, pan-European and international levels to provide guidance to organisations and suppliers. These guidelines have been mainly for the public sector with various governments including the UK producing their own guidelines in the absence of a European approach.
The creation of a comprehensive specification of requirements to provide a European ‘standard’ for Electronic Records Management (ERM) was funded by the European Commission in 1999. The resulting MoReq – “Model requirements for the management of electronic records” - was first published in 2001. The MoReq document was developed as a guide to organisations in both the public and private sector when specifying their functional requirements for an EDRM system. MoReq also included general guidance on operational and user considerations in deploying an EDRM system. MoReq quickly gained wide acceptance and recognition in Europe and internationally. EU member states such as Holland and Finland have used it as a base to define their national standard and Germany, UK and Norway updated their existing standard along MoReq guidelines. MoReq has also been translated into ten languages including Spanish, Russian, Italian, and Hungarian.
MoReq2, published in March 2008, is comprehensive revision of the original MoReq specification. The MoReq2 project has updated and significantly expanded the original specification, and also developed a set of testing scripts which will be used to support a compliance testing scheme for EDRM solutions vendors. Unlike other internationally recognized ERM specifications such as the American DoD 5015.2 and the UK TNA , it is written to be equally applicable to public and private sector organisations. Also it is written with EDRM users of all types in mind: not only administrators, records managers and archivists, but also general office and operational staff who use EDRMS as part of their everyday work.
The specification covers both records management and related areas such as document management, e-mail and physical record management. This is advisable because records do not stand alone; they are part of the larger information management picture.
Commercial software products may support only records management (ERM systems or ERMS); many go wider and provide integrated support for document, web content and content management, workflow/business process management, e-mail management, archival and other functionality. Typical acronyms for these are EDRM or ECM systems – Electronic Document and Records Management or Enterprise Content Management systems.
Information Lifecycle
The schematic below shows the information lifecycle of a document from the creation or receipt of the document which progresses to a final rendition which is then declared as a record. The record is then considered to have business value as it is used in transacting or recording business activity. The record loses business value as its activity decreases. The record however needs to be still retained to meet its designated retention period normally set by legal or statutory requirements and at the end of the period disposed of or in exceptional cases retained for historical or other designated purpose.
This lifecycle records management process is a vital requirement to meet compliance requirements and improve quality and accessibility of corporate information. MoReq provides a technical specification of good electronic records management practice to meet these requirements, throughout the record’s lifecycle.
White Paper Terms of Reference
This paper is aimed mainly at organisations considering implementing EDRM, and sets out guidelines to assist the user in assessing whether MoReq2 could be of value for their organization within their EDRM project. It includes review and comment on the main sections of MoReq2, and an assessment of areas that need careful scrutiny. It identifies areas omitted from MoReq2 that may need to be included in your EDRM requirement. For those familiar with the original MoReq, it describes the major changes and enhancements in MoReq2.
Where does MoReq2 fit in an EDRM project?
As with any other IT-related project, business requirements come before technical requirements. MoReq2 is not suitable as a base for developing business requirements but provides input to producing the technical requirements for the EDRM system. The schematic below identifies where and how MoReq2 contributes to an EDRM project.
It should be noted that MoReq2 does not address aspects of EDRMS implementation such as project management, development of a fileplan, training and communications, acceptance of the system. These are all outside the scope of MoReq2, but are absolutely essential to any successful implementation.
Drawbacks of using MoReq2 as is
The specification attempts to cover a wide range of requirements and it is also voluminous – there are some 868 requirements across all sections with 462 in the Records Management section alone, and it runs to 332 pages.
This wide scope was intentional and set out in the MoReq2 tender document published by European Commission’s DLM forum. This has resulted in major limitations, primarily that time-consuming modification is required to map it on to an individual organisation’s EDRM requirements. MoReq2 also provides little or no guidance on which areas apply, or how to prioritise the detailed requirements within each area (other than as mandatory or desirable). Suffice to say, this can lead down a path of wasted or unnecessary effort.
It’s important to understand that MoReq2 relates to a wide range of business, compliance and operational requirements; some may not be relevant to your organisation and others may be addressed in more depth than required to meet your needs. You most likely will not need a system to be as complex and extensive as implied by the full MoReq2 specification. Many users will find themselves grappling with for example esoterics of archival science which in fact apply only to a limited audience within the public sector.
As acknowledged in MoReq2, the requirements for ‘optional modules’ which are not core functions of an ERMS are presented at a high level; they are not exhaustive but provide an indication of the appropriate activities This is particularly true of Chapter 10 which contains a wide range of functionality including collaboration, workflow and CMS integration.
Also MoReq2 has introduced a ‘chapter zero’, allowing member states to add their unique national requirements, take into account different national languages, legislation, regulations, and record keeping traditions. As yet none have been submitted for approval, so MoReq2 may be incomplete in this respect.
Client Side Requirements
A further major omission is that there are no requirements specified for the rapidly growing number of organizations that use SMS, instant messaging, wikis or blogs, which have similar record keeping requirements. This area of “Social Networking” applications is set to grow rapidly with Web 2.0/social networking content being created and the associated applications now being widely adopted by large enterprises.
Anm.d.Red.: Der Beitrag wird in der nächsten Newsletterausgabe fortgesetzt.
Metadata