Menu right
Information Compliance Management

 

 

What is Information Compliance Management?

 

Compliance within business broadly falls within three key domains:

  • Information
  • System
  • Risk

RHE Infrastructure address the Information Compliancy domain which relates to the correct management of information produced in the normal course of business. Compliancy in this area is primarily driven through regulatory measures or industry guidelines which impose obligations regarding the capture, retention, maintenance, archival and disposal of information records.

 Our Approach - Information Compliance Management Approach (ICMA)

 

Our Information Compliance Management Approach (CMA) is top down and encompasses all aspects of process, policy and technology enablement. The phases of the approach are described below:

  1. Records and Process Identification and Design

Compliance obligations relate to all business records and it is important to perform an audit, or stocktake, of the records that play a part in the operation of the organisation. Of critical importance is to identify all inbound records, outbound records and records that are created in the course of an organisation's daily business and develop policies and processes developed regarding their capture, retention, archival, security, audit, accessibility and ultimately, disposal. 

 

 

  1. Implementation of Content Management System (CMS) and Processes

With the exception of specialist records that are maintained in specialist systems, RHE IS advocates the design and implementation of a centralised Content Management System ("CMS") for unstructured data records e.g. Office documents, images, email.  The CMS must support the processes, policies and business taxonomy required to support compliancy.

  1. Alignment of information technology infrastructure and capabilities

RHE IS’ observation is that the information management policies and processes are often not supported by the underlying infrastructure. Common issues we see in business are:

  • Backups do not match the record retention periods prescribed by their policies (e.g. 7 years, 25 years)
  • Archival systems do not retain the policies associated with a record (e.g. retention, disposal) when the records are archived from a primary system (e.g. Content Management System).
  • Appropriate Disaster Recovery strategies are not in place to prevent record data loss and support business continuity of the mission critical records.
  • The value of the infrastructure is not aligned to the value of the data and applications running on it.

RHE best practice recommends that the Content Management System and the underlying Technology are treated as a single programme of work. Information Compliancy is only achieved when process, policy and technology are aligned, and the required changes should cover all of these components.  

  1. Compliance Information Management Solution

With policies, processes, systems and infrastructure in place, the organisation must have a plan and roles defined to manage the ongoing compliance activities.

 

 

An Information Compliance Engagement

 

Our industry observation is that compliancy implementations either neglect the importance of records identification and policy development, or they neglect the underlying infrastructure and systems needed to support the process and policies. We combine the record centric view and the technology centric view, to provide an information compliancy approach that aligns the policy and process with the enabling technology.

 

The nature and scope of engagements will depend upon the requirements of the customer and their level of information management maturity. We typically split our engagements into manageable projects, because information compliancy is as much about technology and policy as it is about managing change within the business. Examples of engagements include:

  • Strategy review to align the storage infrastructure (storage, backup, DR) with the requirements of the data produced by the business (security, accessibility, audit, performance, DR).
  • E-mail management and archiving implementations.
  • File system archiving design and implementations.
  • Consult around the management of documentation within the organisation and its relation to archiving.

Key Benefits to our Customers

  • Confidence that a holistic, rather than piecemeal, approach will be taken to information compliancy.
  • A trusted relationship with a partner that genuinely understands the domain area.
  • The ability to translate business requirements into the enabling technology and make recommendations.
  • An open approach to working with other partners who specialise in records management.
  • The intellectual property and a methodology to get quick wins on the board.
Copyright @ 2007 RHE Infrastructure Services   ||   Register   ||   Login
 
Case Study

  

"Virtualisation has delivered our customer's uptime needs within budget and without sacrificing agility and scalability." 

Careers

Please contact the RHE Infrastructure Services HR Manager on hr@rhe.co.nz

Featured Technology

 

Solaris ZFS

 

 

 

The Solaris ZFS file system is a revolutionary new file system that has been designed to be robust, scalable, and simple to administer. ZFS is a new file system technology that provides immense capacity (128-bit), provable data integrity, always-consistent on-disk format, self-optimizing performance, and real-time remote replication.