Manual for the Design and Implementation of Recordkeeping Systems (dirks)

Вид материалаДокументы

Содержание


Make sure strategies meet your needs
Tip: Keep a broad focus
Document your decisions
Tip: Reconfirm organizational commitment
Be pragmatic
Case study
Example: Strategies for licence agreements
Long term accessibility
Record security
Training in regional offices
Подобный материал:
1   ...   37   38   39   40   41   42   43   44   ...   71
^

Make sure strategies meet your needs


Once you have selected the strategies you wish to employ, you need to confirm that the recordkeeping requirements you arrived at in Step C and the gaps you identified in Step D have been addressed. 

To do this you need to: 
  • revisit the requirements that relate to the system you are assessing 
  • look at the gaps you identified in this system, and 
  • ensure that your chosen strategies are capable of resolving all identified issues and meeting the requirements you specified. 

This will enable you to determine the extent to which requirements are being met by the broad strategies you have selected, and to identify any glaring gaps or omissions in the system’s coverage.

The mapping between system components and requirements will not be ‘one-to-one’. Some strategies will address more than one major requirement; some major requirements will be met using a combination of different strategies.

 

^ Tip: Keep a broad focus

You should keep in mind that this tool is meant to provide a check of the initial high-level solutions you are proposing against your major recordkeeping requirements. You should not get bogged down at this stage with very particular requirements. These will be addressed by the more detailed and precise design specifications produced in the systems development process in Step F.
^

Document your decisions


Once you have selected a range of strategies and ensured that they enable you to meet your recordkeeping requirements, you should document your decisions. These can be documented in a plan that outlines how you want to proceed with your design work, based on your work and assessments to date. 

Your plan may need to receive managerial endorsement before you can proceed to implement your recommendations. 

 

^ Tip: Reconfirm organizational commitment

Step E can be a useful point at which your department/section can make or reconfirm a high-level commitment regarding the remaining design and implementation process. This may involve using in-house staff, external consultants, system vendors or a combined project team to bring some or all of the strategies to fruition.
^

Be pragmatic


You may have significant objectives that you wish to achieve following from your research to date. However, given business considerations and financial constraints, it may not be possible to achieve all that you have identified, or actually implement the strategies you've proposed. Depending on the nature of your department/section, it may also not be possible for the records management area to set organization-wide information management practices and priorities. 

To help your objectives to be achieved, it may be possible to use other organizational initiatives to help leverage your project. That is, if knowledge management, work process re-engineering, business system redesign or other initiatives are current hot topics in your organization, it is worthwhile trying to use these projects as means by which your work can be initiated.

 

Tip: Other pragmatic approaches
  • implement part of the strategy to address essential needs
  • opt for no further action at this time
  • revisit the preferred solution when its circumstances have changed, or
  • take a staged approach to the implementation of your solution.
^

Case study


The following case study was discussed in Step D: Assessment of existing systems as the results of a gap analysis. The following identifies how Step E can be used to identify strategies to help resolve the issues identified in Step D. 

 

^ Example: Strategies for licence agreements

One organization had a requirement to keep records of its licence agreements for fifty years after the issue of the licence. Their legislation stated that these records must be securely maintained for the duration of their existence. The organization has a number of offices across the state, each performing the licence management function. 

After undertaking their Step D analysis, it was concluded that:
  • the long term accessibility and evidentiality of the records was not assured. Licence records have to survive for upwards of fifty years and currently no strategies are in place to ensure this long term objective is achieved. 
  • records are not stored in appropriately secure ways. System controls prevent unauthorized personnel from accessing and changing the records, but they do not prevent authorized staff from accidentally or intentionally modifying or deleting licences. 
  • policies and procedures for system use are widely available at central office. Training in system use and access is often frequently conducted in this office. In the regional offices, however, little policy or procedural documentation exists and that which does exist is frequently different to that used in central office. Regional office staff have also not been trained in system use. 

In Step E, the following strategies to remedy these gaps were decided upon.

^ Long term accessibility
The organization is to employ the policy strategy. It will develop procedures, aimed at both records and IT staff, that will require that licence records are securely and accountably migrated through system change. Back-up procedures operate over the records, but these do not enable the full record to be preserved in a secure and evidential manner over time.  

Again in conjunction with IT, use of the standards strategy will be investigated. The agency knows it has to keep its records for long periods of time and believes that adoption of a standard, non-proprietary format will be a more secure and cost effective solution in the long term. 

^ Record security
The security of its licence records is of key business importance to the organization. It will therefore use the design strategy to limit user activities within the system and to make all records subject to read only access after their creation. To deal with security issues, the organization will also again employ the policy strategy to alter work processes to ensure that two staff have to authorize and validate any changes made by the administrator to licence records within the system. 

^ Training in regional offices
The organization will use the implementation strategy to make sure training is conducted on an annual basis in all regional offices. Using the implementation strategy, the organization will also distribute up to date policy and procedure manuals to ensure all staff are following the same processes. Again using the implementation strategy, the organization is researching alternative training mechanisms for regional staff and is particularly examining online training mechanisms.