Introduction

Welcome to my Weblog. This site is dedicated to my thoughts, views and understanding on anything that touches upon records management, archives management as well as information management in Malaysia. I believe in becoming a 'functional and meaningful' information professional, the term I refer to as person who can function in many ways possible for the betterment of this discipline. Interested parties, may reproduce or quote materials published with the condition that they are credited to alwiyunus.blogspot.com Comments must be accompanied by names or pseudonyms. Anonymous postings and those containing profanities and obscenities will be rejected. http://adf.ly/8Y1UN

Thursday, September 21, 2017

Preserving records in digital age

Dear all...



Loss of records occurs when disaster strikes, affecting the loss of corporate memory that can never be recovered. Digital preservation technology comes to the rescue, allowing enormous storage of records and information indefinitely. However, such technology is fragile in nature if not properly managed and handled. 

The keeping of digital objects comes together the risky parts and challenges; cost, technological, organizational and legal challenges. These are all ongoing process and not just a one off step. Information agencies; libraries, archival institution, museums, research institutions and public organizations face these challenges and must consider digital collection maintenance as part of organizational strategies and ongoing tasks for longevity and posterity of digital collection. 

Digital technology today is used to create, process, share, transfer, store, communicate and use information in business transactions. The quantity of the digital objects transacted; records and document created, born in various formats are enormous and grow exponentially. It affects the amount of works for preservation tasks to be done while relying for real and enduring solutions for digital preservation. 

Friday, January 13, 2017

Defining Records Management Ownership....

Article by http://www.if4it.com/use-a-steering-committee-for-records-management-ownership/


Use a Steering Committee for Records Management Ownership


If you’re a small company or government agency, finding someone to own Records Management (RM) is usually pretty straightforward. However, as enterprises grow and have many different organizations that perform different functions, finding RM ownership becomes less than clear. This is where a Steering Committee should be considered.

Examples of Records Management Ownership Dysfunction

As an enterprise grows, it becomes very unclear who should own and control Records Management.
  • The Legal Organization exists to deal with law and litigation. They certainly have access to RM legislation but they have no insight into where all records may or may not be. Managing RM becomes a distraction from what they were hired for and do best, which is to deal with legislation and contracts.
  • The IT department access to (most) digital data in structured, semi-structured, and raw form but they certainly don’t own the creation of business data or its orchestration for business purposes. They also usually have no part in the control of many different physical records, like paper. IT is usually responsible for enabling other areas of the business and taking direction, in the form of requirements, on how systems should be have and how they should structure, store, move, and retrieve data.
  • Human Resources helps create data about employees and consultants but they have no accountability or insight into or for things like customer or product manufacturing records.
  • Sales has authority for the acquisition and coordination of customer purchases and accounts. However, they know nothing about employees or consultants’ personal data.
  • Auditing and Compliance has a pretty solid understanding of general Governance, Risk Management, and Compliance (GRC) functions and industry regulations that drive certain retention practices. However, they almost never have complete insight into the details of product manufacturing, customers, employees or consultants.
  • Etc.).
It becomes obvious that every major organization (and its leaders) owns a piece of the RM puzzle, big or small, but no one clearly owns or should own the whole puzzle. This starts us down the path of considering a group approach to ownership and accountability for RM.

Fact: Not every enterprise is structured the same way

Records Management Ownership becomes even more convoluted when we realize that so many companies and government agencies are not structured the same way, even within common industries. For example, not all companies have a Chief Operating Officer (COO) or a Chief Information Officer (CIO), although people with other titles in different organizations might own the functions traditionally associated with such roles. In the United States, for example, leadership structures in state-based agencies often vary from state to state.
The structure of different enterprises and the roles perceived as necessary to successfully operate such structures vary for many reasons, such as but not limited to: Size of the enterprise, Industry, and Geography.
In short, because we can’t rely on organizational structures to be and stay constant between enterprises, we cannot make a definitive statement that forces standardization across all enterprises like, “The COO for all companies should own Records Management.
This leaves us with only one conclusion about RM ownership in larger enterprises… When it comes to larger enterprises where functions get separated among many different organizations in a manner where there is no repeatable guarantee of structure from any one enterprise to another, the only conclusion is that multiple organizations must have a stake in ownership and accountability for Records Management.
(Note: Assigning RM ownership and accountability to a single person in a large enterprise will simply fail because almost all other leaders will not report directly into the RM leader and their own professional goals and agendas will conflict with those of the RM leader. That is, until the company gets sued or the government comes knocking on the door.)

Records Management Ownership by Committee

So, if multiple stakeholders need to be involved in Records Management Ownership and there is no one standard place we can put ownership, it is clear that ownership is a floating concept that must be shared across organizations. This means a Committee or, more specifically, a Steering Committee.

The Benefits of a RMSC for Ownership

A Steering Committee allows multiple leaders with significant power and resources to pool such assets together and collaboratively work together to solve any and all RM-related problems. It also has the added benefits of ownership redundancy and peer oversight at a leadership level, which is critical for Records Management Governance (RMG) and the success of other RM-related work efforts.

RM Steering Committee Composition

So, who should participate in this RMSC? At a minimum, your RMSC should be composed of the following stakeholders…
  • The head of your Legal Department (or an acceptable delegate),
  • The head of your Human Resources Department (or an acceptable delegate),
  • The head of your Financial Department (or an acceptable delegate),
  • The head of your Audit and Compliance Department (or an acceptable delegate),
  • The head of your Information Technology (IT) or Information Systems (IS) Department (or an acceptable delegate).
NOTE: Acceptable Delegates are discussed later.
In addition to the above, it is recommended that you include at least one member (or an acceptable delegate) from every area that creates “records sensitive data”. For example, if your Marketing & Sales organization generates customer data that needs to be a part of your RM program, the head of Marketing & Sales (or an acceptable delegate) should sit on the Steering Committee.
Also, your industry will dictate other members of your Steering Committee. For example, if you are an insurance company and you process claims, your head of Claims Management (or an acceptable delegate) should sit on the committee. If you are a Pharmaceutical company and you create Clinical Trial Data, the head of Clinical Trials (or an acceptable delegate) should have a stake in the committee.
Identifying which records are important enough to drive who has a seat the table is a bit of a chicken-and-egg problem because you have to identify and prioritize all Record Types before you can be sure you have the proper representation but you can’t prioritize what Record Types are most important without approval from the appropriate leadership authorities. If you have to, start slow. Pick a few Record Types that you feel are most obvious for your RM program, get those leaders onto the RM Steering Committee so that you have a few of the key/core members on board, and then use their leadership clout to make further decisions about who else should be brought (sometimes dragged) on board.

The criteria for “Acceptable Delegates”

There is a very undesirable trait associated with being given responsibilities for any RM program. It is the reality that people will have to sign their names to documents that could come back to haunt them or the enterprise, legally, at a later time. For this reason, many of the highest leaders will often assign a delegate to a role that requires such accountability. If this is the case in your enterprise, you should ensure that the delegate understands he or she is working on behalf of his or her leader and that the work should be taken very seriously because of the accountability with the role.
Also, it’s important to ensure that whoever the delegate is also has decision and signature authority on behalf of his or her leader. This reduces the logistical overhead of the delegate having to go back to his or her leader, every time, to explain and discuss what has already been explained and discussed at the RM Steering Committee table.

Primary Responsibilities of the Records Management Steering Committee (RMSC)

With the exceptions of magnitude and scale of the work, the responsibilities of the RMSC, as a whole, should be no different than the responsibilities of a single individual, in a smaller company. For example, the following functions still hold true:
  • The identification of Record Types
  • The identification and approval of Record Type Owners and Record Instance Owners (where applicable).
  • The prioritization of Record Types.
  • Managing the higher-level command, control and communications of dispositions and locations of Record Instances.
  • Driving the data collection and management for all Record Types.
  • The processes associated with Record Life Cycles (e.g. Creation, Storage, Access, Modification, Destruction, etc.)
  • Establishing and driving enterprise-wide Records Management communication and education.
  • Continuous direction on the current state and future state of the Records Management Program.
  • Ensuring that RM programs get prioritized and funded in the overall portfolio of enterprise programs.
  • Setting up lower level RM working groups and providing them with sponsorship, direction, and funding support.
  • Understanding and facilitating Records-related issues for ongoing audits and litigation.
  • Create and present relevant RM-related reports to the Board of Executives (BoE) or other equivalent leadership entities.
  • Etc.
It should be apparent that the above functions will grow in complexity, time, and cost as more people get added to the committee and as more systems and processes become part of the broader RM solution. Unfortunately, this is something all enterprises deal with and accept.

Frequency of Meetings

There is no documented standard for the frequency of RM Steering Committee meetings. It is logical that, for most enterprises, the less the committee meets and works together the less it will accomplished and the more Records Management will drop as a priority for the enterprise.
Meeting once a week might be too much but meeting twice a year is clearly far too little.

RM Steering Committee Leadership

There is no rule that one person should always chair the RM Steering Committee. It is ok to have revolving leadership. However, the gravity of leading the RM Steering Committee should be made clear to all committee stakeholders and leaders.

RM Steering Committee Administration and Logistics

Like all committees, your RM Steering Committee will generate significant RM-related materials and work. You’ll have to ensure that the right people are assigned to the RMSC to help with things like meeting notes/minutes, documenting issues, work, and decisions, preparing stakeholder communications, etc.

RM Steering Committee Knowledge Repository and Library

Your RMSC will need a place to store all documentation and media it receives and generates. Consider an appropriate location for your RMSC knowledge repository and library. Also consider breaking it into different segments like:
  • Work Not Started
  • Work in Progress
  • Work Completed
  • Materials Published for General Consumption and Use

Steering Committee Reuse

It is important to understand that Records Management is only one of multiple important efforts going on in any enterprise. It’s also important to understand that many of the leaders that sit on the RM Steering Committee will be required to sit on the Steering Committees of other efforts and programs. For this reason, consider merging your RM Steering Committee with other similar significant efforts. One very viable area for merging with is Governance, Risk, and Compliance (GRC), which has many similarities and overlaps with work performed in Records Management and which will be discussed, in more detail, in a future article.
Merging Steering Committees has the benefits of making your leaders more efficient because they have less meetings to attend, keeps them more engaged because they’re not rehashing the same topics in different meetings, and gives the Steering Committee far more authority and control to get significant work accomplished.

Conclusions

  • Not having an owner for Records Management is not an option.
  • As an enterprise grows, who should own RM gets cloudy for multiple reasons.
  • As an enterprise grows, establishing a Steering Committee for Records Management Ownership becomes a viable option.
  • The RM Steering Committee should be composed of stakeholders from multiple organizations that either create critical Records or have a significant hand in their handling.
  • RM Steering Committee members should have decision and signature authority.
  • RM Steering Committee members should have the power to influence the portfolio of programs and secure funding.
  • The RM Steering Committee’s responsibilities should be made clear to all stakeholders and its functions and progress should be communicated to the entire organization, regularly.
  • Leadership can be constant or rotating.
  • Frequency of meetings should be high enough to maintain regular progress.
  • Consider merging your RM Steering Committee with other Steering Committees to be consider of each members’ time and responsibilities and to achieve economies of scale, throughout your enterprise.

Tuesday, October 11, 2016

Understanding your organization for good record keeping practices

Dear all...

It is crucial to do business process analysis prior to implementing a good record keeping practices or embarking on it. As such, will determine the gaps, the loopholes, for record management implementation.

Image result for business process analysis imagesMany organizations exist because there is a need to be established, for higher objectives and vision not for the purpose of records management establishment. This is based on the nature and direction of the organizations themselves. Records management comes into the picture because organizations needs to proof that they exist, manage its transactions and ensuring accountability and responsibility based on the scope of work and functional requirement of each department. Without which, the high order of vision, mission and objectives of the organization cannot be documented and properly kept for track records or future use.

Image result for business process analysis imagesThus, it is undoubtedly important that records management or record keeping practices must be in place to bear the task of keeping track of the achievement, progress and development of an organization. A sound and proper running of an organization must have proper record keeping practice. It ensures accountability, increasing the organizational image, maintaining trustworthiness of the organization and its staffs thus allowing for organization to grow and flourish further.

To do that, proper record keeping practices must be in place. Hence, a study or business process analysis must be made to understand how organization works before implementing records management properly. At any instance, once an organization is set up, it has in some manner a record keeping practices, however though, it depends on the organization whether they have a professional staff having background in records management to establish records management policy and procedures to be used in daily transactions. Should they have it, then the organization is in its right track. On the other hand, in most cases, many organizations do not have it, and they manage their files as it is (Alwi, 2016).

Image result for business process analysis images

To establish a record management practices, one must be able to understand and collect information as part of business process analysis, the followings:  
  1. How organization works?
  2. Scope and nature of operations.
  3. Demarcation line of authority.
  4. Identify the type and scope of transactions.
  5. Understand the workflow and standard operating procedures of transactions.
  6. Define the relationship between one transaction with another.
  7. Understand the segregation of works, inter-department as well as intra-department department transactions.
  8. Current work practices used.
  9. Work processes and workflows.
  10. List out activities and transactions.
Business process analysis (BPA) is critical in order to investigate business system, taking holistic view of the organization. This includes examining elements of the organizational structures, staff development, current processes and IT system in placed. 

BPA is also meant to evaluate actions to improve the operation of business system, as well documenting the business requirement for system support using appropriate documentation standards.

The core business analyst roles could be defined as an internal consultancy role that has responsibility for investigating business situations, identifying and evaluating options for improving business systems, defining requirement and ensuring effective use of information system (records management) in meeting the need of business.

In this manner, records management is is an integral part of business system which ensures the success and achievement of business operation in term of efficiency and economy of work process and business practices.  To do so, business analyst or records management specialist must be able to focus on understanding the needs of the business/organization as a whole, its strategic direction, and identifying initiatives that will allow a business to meet those strategic goals. It also includes;

It also includes:
  • Creating and maintaining the business architecture
  • Conducting feasibility studies
  • Identifying new business opportunities
  • Scoping and defining new business opportunities
  • Preparing the business case
  • Conducting the initial risk assessment

Ultimately, business analysis/records management specialist wants to achieve the following outcomes:
  • Create solutions
  • Give enough tools for robust record keeping practices
  • Improve efficiency and reduce waste of resources
  • Provide essential documentation, like requirements document, project initiation documents and others.
  • develop file plan structure for document control.


Reference:

Kathleen B Hass, Richard Vander Horst, Kimi Ziemski (2008). From Analyst to Leader: Elevating the Role of the Business Analyst Management Concepts, 2008. ISBN 1-56726-213-9. p94: "As the discipline of business analysis becomes professionalized"

"Business Analysis Body of Knowledge v2.0" (PDF). IIBA. Retrieved 2012-08-26.

Thursday, October 6, 2016

Smart partnership

Dear all...

Image result for collaboration imagesYesterday,  6th of October 2016 marked a historic moment for Faculty of Information Management, Universiti Teknologi MARA, Puncak Perdana Campus and D.G.KOM Sdn Bhd - a local software provider company specializing in electronic records management system (ERMS), where a memorandum of understanding was signed by both parties to officially launch mutual and win-win cooperation and collaboration in records management activities.

Displaying IMG_5901.JPGThe collaboration and understanding includes cooperation in joint research and development in electronic records management system development, shared and exchanges of expertise, advocacy of records management professional and discipline in Malaysia as well as industrial placement for internship for graduates of records management program of Faculty of Information Management. Through the MOU, the industry (D.G.KOM Sdn Bhd) has agreed in sponsoring and installing ERMS software application known as DGFlo for the faculty, providing 100 user license for DGFlo software, 2 set of servers and Cloud computing capability for storage in the ERMS Smart Lab at Faculty of Information Management at UiTM.
Image result for collaboration images
Such initiative is a hallmark of smart partnership and truly a strategic undertakings between UiTM as the only university in Malaysia that solely provides a degree in records management to students with D.G.KOM Sdn Bhd. an ERMS software developer and provider.  

Why collaboration?

Image result for collaboration imagesThe global ICT trends that dynamically evolves from time to time and the limitation of budget, resources and experts in developing the highly customized ERMS software suitable and fulfilled the functional requirement of ERMS has paved the way for industry-institution collaboration and smart partnership in this case is between UiTM and D.G.KOM Sdn Bhd. Due to the fact that, industry is more dynamic in responding to market demands and full exposure of project implementation has created for such smart partnership and collaboration. UiTM (Faculty of Information Management) on the other hand is the only educational provider in the country for graduates and professionals in records management discipline has made the matching of industry-institution collaboration and reality.

Displaying IMG_5906.JPGThis collaboration will open up for greater cooperation between two organization for the benefit of the nation and society which is in line with the government of Malaysia's aspirations towards electronic service delivery and the e-government flagship in the country. A shared and mutual understanding for research and development, shared expertise, shared efforts towards achieving full flagship of e-government initiative could be achieved.

Displaying IMG_5896.JPGIt is a hope that this collaboration and smart partnership will be beneficial to both parties and dynamically heightened the records and electronic records management discipline in Malaysia.



Wednesday, September 21, 2016

Records is an "Internet of things"....

Dear all...

Image result for internet of things imagesI had had a very lightly and meaningful conversation and discussion with my a good friend of mine today. Rarely did he so energize in giving details and pointing out his argument however this afternoon was a lot different. We talked about a lot of things and issues pertaining to records.

"We have a lot to consume when it comes to information today....more than before did we immense ourselves in abundance of information and data" he said. 'In fact, our intelligence is challenged so much than before to absorb and filter so much information...." he further said.

"I agreed.....it is internet of things" I nodded.

"Yes..it is internet of things....a dynamic nature of constant data creation and data collection 24 hours and 365 days.....we cannot simply ignore it. Just imagine a scientist or so called a bio-marine expert, would like to study the extinction of green turtle in the ocean of today....to understand the life of the green turtle, the scientist must collect enough information which is derived from a lot of data from different channels and sources, up to the extent that the scientist must be able to track the movement on the migration activities of the turtle in order to understand the life of a green turtle. Otherwise, the scientist would not be able to understand the life environment of the green turtle." he explained to me.

"To do so, the scientist must use current technologies to help in collecting the data.....so much so a satellite and GPS based tracking system must be attached to the green turtle as subject of research.....by that, the data movement of the green turtle, location of its hunting or eating supply of its food, location of ocean, the temperature of the ocean, time and space by which it is moving from one place to another could be derived......these data are collected and feed to the database on daily basis...it is huge amount of data and it is kept in the repository of database. Later on, the scientist will need to analyze the data, prepare a report and summary of the data. To do so, the data must be categorized, classified and analyzed accordingly." he further explained to me.

"Hurmm...you are talking about a subject or a particular specied (marine species now in the realm of extinction) and how massive is the data collected throughout a specific time for the purpose of the research so that certain conclusion could be made huh! Later on, based on that findings would be derived from there" I responded to him.

"Yes...you got my point" he responded.

"The data you were mentioning just now is raw data.....then when it is categorized and classified it becomes information, the report as a result of the analysis made is now a record?" I said to him.

"Not only that...the collected data is big data, the analysis made to the data is already a record......where during the years of collecting that, it has created a lot of and massive information which is now becomes a records...the information in its single form is kept in a document whether it is soft copy or printed copy.....finally the records is used and referred to by other scientist for maybe some other research or purposes." He further explained to me.

"So tell me, if you have the data, but there is no analysis, no classification and categorization to the data....do you think normal people like us will understand that data?" he asked me.

"Of course I don't understand because the data needs analysis from the expert in the field....not me. I am not the expert to gauge conclusion from the data. I could only understand the report derived from the data." I said to him.

"Then, the whole things I am saying is about internet of things - massive data collected in one kind of field - in this case is bio marine research on the life of green turtle which is about to extinct to day - and it is closely related to records management." he reiterated again.

"I do understand....." I said calmly.

----------------------------------------------------------------------------------------------

Image result for internet of things imagesThe above statements are part of the conversation between me and my friends when somebody mentions that "the trend today is on document management system not records management".

The conversation is the analogy and explanation towards the importance of records in relation to internet of things-big data, dynamic and consistent data derived for various purposes.

to be continued.........


Monday, December 21, 2015

Knowledge asset is record....

Dear blog readers

Previously, I posted a discussion on the need of KM (Knowledge Management) for records management...it received overwhelming comments and reads. Thanks for patiently reading my blog post...

I would like also to welcome positive comments from you people with regard to my postings. Please do so voluntarily.

Today, I am discussing on the other perspective of records...

Top management discusses and makes decision on specific issues relating to organizational works and problems. These decisions are taken and contain policies and critical information including the processes and justifications on why such and such decisions are made....

The justifications are reasons derived and made in response to specific problems occur within organizational settings. The purpose of these decisions made is to ensure organizational works and targets are achieved. Works can progress, projects and programs can run smoothly. 

To arrive to such decisions, there are processes undertaken. Information and reports are derived and verified, checking on the problems and issues are made which resulted in different results and feedback. These consequently create enormous amount of information which is meaningful and containing lesson learnt, best practices, past mistakes and could possibly created a repository of knowledge within organization.

The reports, feedback, justifications are all recorded and documented in such a way it can be referred back. These recordings require effective and efficient record keeping system. Once it is done, the records themselves are considered having value by itself that serve the purpose of the organization. These are all knowledge assets. Tapping these knowledge assets is critical for the success of KM implementation. 

Embarking KM without considering knowledge assets is useless. Recognizing  knowledge assets in organization are primary aspect in any KM initiatives. Employees could learn, unlearn and relearn of the decisions, impacts, feedback from previous initiatives as lesson learnt, best practices and past mistakes (that should not be repeated) while sharing it with others.

Ignoring efficient and effective records keeping system will lead to information disaster. Knowledge assets are difficult to recognize. Knowledge is then scattered everywhere. The rate of success for KM implementation is beyond achievable target. Actions and deliverable cannot be achieved without previous reference to information and knowledge. 

Hence, knowledge must be captured. The capturing process takes place in the form of recorded information and knowledge. It is then classified and categorized according to its specific subject and kept in the repository or knowledge portal in paper format or electronic format. This is called as explicit knowledge, a process by which knowledge is documented and recorded and conversion of tacit knowledge into explicit knowledge so that it useful, shareable and preserve for longer period of time. To encourage sharing and use, the records (knowledge assets/explicit knowledge) must be readily available to all and easily accessible through online portal.  


The above discussion indicates that, KM needs records more than records need KM. 

Ponder over these;


  1. How sharing could take place if the substance (knowledge and information) is not around?
  2. How organization could capitalize on its strength if they do not possess what they have (knowledge and information in recorded information)
  3. How organization could leverage on future and current knowledge if the past knowledge is not captured?

Saturday, December 19, 2015

Knowledge management without records....

Dear all...

I was invigilating masters student in information management yesterday. Though I did not teach them, I am pretty much close to the subject they were taking.......years back, I happened to be involved in the development of one of the subject, Knowledge Management. Yesterday the final examination subject is on Epistemology of Information Management. I looked through the questionnaire and have the chance of browsing through the whole set of questions. One of the question asked about the identification of the knowledge assets in the knowledge management (KM) implementation. 

I was intrigued by the question in the question paper while invigilating the students, my mind kept working......

Here is some input that I want to share with my blog readers....  

Image result for knowledge assets imagesTapping the knowledge which comprises of skills, experiences, methods and approaches, lesson learnt, mistakes and others requires information professionals to look at two distinct categories of source of knowledge in the form of tacit and explicit knowledge. The so called tacit knowledge can only be useful when it is converted to explicit knowledge and later readily available, can be derived and referred to by others. It is where the explicit knowledge may contains past decision makings or actions taken or reported development of a project or initiatives made by a team, organization or a department through different phases of development.

Tacit knowledge can be very much meaningful when it is transformed or converted and put into proper documentation, and recorded in any possible form. Through textual documentation, the tacit knowledge can now be referred to, lesson learnt can be derived as well by users, people or other team members working on a particular project or program.

The converted tacit knowledge is now residing in organizational database or knowledge portal or maybe recorded and kept in a file. It exists everywhere, referred to anytime by anybody necessarily.

These are records or an organization or a corporate memory of an institution.

Ironically, without records, tacit knowledge will be gone. It is literally not documented and resided in the mind of the people. Though useful, it is not meaningful.

The development of knowledge management depended heavily on the practices of information management which in particular the management of records in an organization. Institution embarking on knowledge management initiatives must look at the vast potential of records management as the source of explicit knowledge of an organization - corporate memory.

What happen if tacit knowledge is not captured? Not converted into recorded information? Not documented properly and kept in a central repository? Initially, organization will lose its huge potential of years of experience and high cost of investment in training cost, staffs involvement in critical projects, success stories, lesson learnt and past mistakes which can be avoidable if project teams took a lesson learnt from it.

Image result for knowledge assets imagesEffective records keeping or records management will help organization to leverage and capitalize on its own internal knowledge. Past actions would help decision/policy makers to make decision more effectively and efficiently. Mistakes and high risk of monetary or non monetary may be avoidable if project teams learn from the past actions derived from reports, previous project undertakings, decisions made.

Success stories could also be captured, shared and routed electronically when the stories are captured in whatever ways possible. New staffs or existing staffs could learn from the success stories which may inspire them to achieve organizational targets and objectives. Organization may also repeat the success or crafting better success or achieving higher objectives and targets. The lesson learnt from the failure or mistakes made in the course of initiating projects previously will secure organization from repeating the same mistake. This ensures higher success rates alternately reducing project losses financially.

Least to say, without records management which we can tap into knowledge assets, knowledge management would not working. KM success is highly dependable on the effective and efficient record keeping in organization. It is where the knowledge assets are derived from. Having proper documentation, recorded transactions, decisions makings, evidence of past actions and later classify it properly in a manner that it is easily retrievable and searchable using proper taxonomy will make knowledge assets more meaningful to organizations. (Please refer to SECI Model by Nonaka)




Sunday, November 29, 2015

Understanding records management

Dear all readers

  1. Are you working now?
  2. Are you tasked with specific scope?
  3. Are you involved in audit process? Are you answerable to audit team?
  4. In your task, do you need to prepare report? Daily? Weekly? Monthly? Quarterly? Yearly?
  5. Do you need to refer to previous report for confirmation? 
  6. Do you know where are the record to refer to? 
  7. Which file? 
  8. Anyone holds that file? 
  9. Is the file missing? 
  10. Can you find the file?


The above are some of the questions for you to ask yourself from time to time in the course of performing your work. Should your answer is yes to some of the questions, it is time to look for records.

It is also time for you to look into current practices of record keeping if the answer is yes and no for question number 5-10.

Records are the last thing one would be thinking in work operation. Most of the time, it is ignored, it is not given due attention. This is a lackluster attitude among employees and top management (most of the cases). It is only needed most when there is an audit in progress or any cases as a result of litigation or judicial inquiry. In most cases, records is "managed" just enough. No serious undertakings from person in charge for proper record keeping. Records manager or records officer is consulted when only there is problem, otherwise, they are not.

Hence, record keeping is seen and deemed as 'supportive" to current operation. This state of ignorance results in record keeping as not due all the time.

Think about it.....

What is your role as record professionals to change such perceptions and views?
What could you do to make change?
How are you going to recognize that records is the backbone of any organizational operation?
How are you going to tell your top management of the critical role of proper records keeping?

Most important of all, how can you change the current perception that proper record keeping is considered secondary while the fact that everybody needs records rather than records need them. 

Thursday, November 5, 2015

My organization is jammed....

Dear all...


One fine day, i received an email. Somebody who happened to be my former student sent me an email. The email stated like this;




Stacks of Veterans Affairs claim folders overtake a regional office in Winston-Salem, N.C. These photos were included in a 2012 report from the Veterans Affairs Office of Inspector General. (Somewhere in USA not in Malaysia)


"Dear sir, How are you? I am now working with one academic institution at the northern state in Peninsular Malaysia. I am now in charge of the records in this organization. However though, I have an uphill task of managing all those paper records. Space is scarce and I have nowhere to store the records. Could you please shed some opinion on how I could go about it? Can I just dispose off all records so that I can save some space for other records? Or is there any modern equipment to be installed so that the current space can accommodate more? Please advise, thanks".....


I read through with amusement. I recalled last time when I was called for a talk by the same organization, and had a fruitful discussion with a few top persons in that organization, the problems had been resolved. During which I believe, at that time, my former student who sent me this email has yet worked there. The incident was much earlier then.


When receiving this email, now I realize that, those compounding problems are far from solved. It surprises me a bit. I could just imagine how much backlogs now then before. Surely they are struggling to keep all records. When asked previously, they said they do not have budget to have new space built for it or allocate for and even to engage offsite storage providers.


That is the problem now and before. I look at it as a disaster... a record disaster. Everything is jammed. Backlogs are there, and organization cannot operate efficiently and effectively. Everything seem to be slowing down...I mean the operation of organization. Access and reference is difficult to be done. I could just imagine, stack of records are everywhere in that organization. I think I read somewhere of similar problems somewhere. if I am not mistaken there is an interesting article named "MY ORGANIZATION IS JAMMED.....".


Hence, after sometime, and after giving some thoughts, I managed to reply the email. I said to him;



"In your situation, which I do really understand that it has been for sometime, and you are employed to deal and manage it. I understand your constrains. The space is there, it is full now. If you installed moving rack, similar problem will occur in near future. It is just temporary. What you can do now is....get your top management certain budget. It must be done, otherwise, the problems will still be there and haunting you. It is like a ghost....a nightmare to you, especially when you are tasked and entrusted to deal with it. You can dispose off the records after appraisal process, and prior to disposal, you could do digitization. All the records must be digitized. Once done, dispose off all records necessarily as well as preserve records deemed of having continuing value...I can guide on that.




When doing digitization, be careful, it is not mere digitization...you have to prepare for the digitized materials to be stored digitally and electronically....so that it could be accessed, referred to later. With that, you need some investment; peripherals, and software. You can use locally developed software by one local company, their software has received endorsement from the National Archive of Malaysia, and compliance with the functional requirement of electronic records management and MS2223 Part 1&2 as well as ISO 16175 and 15489....no worry about it. Their software are also used in more than 31 government agencies as for now with more than 20,000 users in the Federal Government of Malaysia (as far as I am concerned).....for your information, I also use their software for teaching and learning purposes at my ERMS lab...my student are exposed to this electronic records management software when I teach them electronic records management subject...."


That is my answer to him. I gave him a contact number to that company so that he can make arrangement with them.






Soon after, I received a reply email from him; "Thank you sir....I am considering to use the software and to do digitization to the records at my holdings....please advise me on that later. I will keep in touch with you sir"


I believe my answer is such a relieve to him now. I hope his backlogs will soon disappear and the 'records disaster' will be gone. That is records.....if we ignore them now, later it will haunt us all. It must be managed right from the very beginning.

Sunday, November 1, 2015

Jenayah siber dan kecurian maklumat dan rekod secara maya...BERNAMA Isnin 2 November

http://www.bernama.com/bernama/v8/bm/ge/newsgeneral.php?id=1183654


AM › BERITA


undefined




Membendung Kecurian Rekod Elektronik

Oleh Mohd Hisham Abdul Rafar

KUALA LUMPUR, 26 Okt (Bernama) -- Melindungi data dalam talian daripada sebarang ancaman keselamatan adalah satu tugas mencabar bagi kebanyakan organisasi, namun golongan pakar berpendapat bahawa pengurusan rekod dan maklumat yang efisyen boleh mencegah serta membendung kecurian rekod dan maklumat elektronik.

Sesebuah organisasi tidak boleh memandang remeh terhadap isu keselamatan siber, malah sepatutnya diperlengkap dengan pelan tindakan bencana yang merangkumi polisi keselamatan rekod elektronik bagi membendung berlakunya kecurian rekod, kata Dekan Fakulti Pengurusan Maklumat Universiti Teknologi MARA (UiTM) Kampus Puncak Perdana, Prof Madya Dr Mohd Sazili Shahibi.

"Organisasi perlu membuat risikan awal terhadap ancaman-ancaman penjenayah siber dan menyediakan satu pelan tindakan efektif untuk melindungi data dan rekod elektronik. Kepakaran mereka yang mahir dalam teknologi maklumat amat diperlukan," katanya kepada Bernama.

Kepakaran profesional teknologi maklumat (IT) perlu bukan sahaja untuk melindungi rekod dan maklumat elektronik malah mereka mempunyai kesedaran dan kebertanggungjawaban yang tinggi mengenai keperluan melindungi rekod-rekod dan maklumat berkenaan.

Mengulas lanjut, beliau berkata pada masa kini, hampir semua organisasi banyak bergantung kepada maklumat secara elektronik, justeru cabaran menguruskannya adalah berbeza daripada cara konvensional yang digunakan pada masa lalu.

MELINDUNGI REKOD DALAM TALIAN,/b>

Pensyarah kanan fakulti sama, Alwi Mohd Yunus berkata sebarang kebocoran maklumat atau kecurian data boleh memberi kesan buruk kepada mana-mana syarikat, organisasi malah negara.

"Ia boleh menyebabkan berlakunya peras ugut dan pemerasan kewangan, kehilangan aset, penghinaan terbuka dan merosakkan kredibiliti," kata beliau dan menambah kata bahawa penjagaan rekod sulit adalah kritikal bagi mengelakkan berlakunya penipuan dan kecurian identiti atau maklumat.

Beliau berkata ancaman keselamatan siber boleh ditangani melalui peningkatan sistem kawalan akses fizikal dan logikal serta pengawasan yang berterusan.

Menurut seorang lagi pensyarah kanan di fakulti sama, Dr Azman Mat Isa, satu daripada cabaran terbesar yang dihadapi organisasi adalah memastikan tidak berlaku pertindihan rekod-rekod dalam talian.

"Hakikatnya, pemalsuan dokumen atau rekod elektronik boleh dilakukan oleh pakar teknologi maklumat dengan menggunakan teknologi sofistikated. Justeru, keadaan ini memberi cabaran hebat dalam menentukan ketulenannya," katanya kepada Bernama.

Nombor fail sahaja, kata beliau tidak memberi jaminan ketulenan sesuatu rekod memandangkan kecanggihan perisian dan perkakasan teknologi maklumat hari ini mampu menghasilkan dokumen yang sama dengan dokumen asli.

Namun, ketulenan dokumen atau rekod elektronik sama ada dalam talian dan perisian elektronik boleh dipastikan melalui metadata iaitu dengan menilai data yang tersirat di sebalik dokumen atau rekod elektronik.

"Metadata meliputi nama orang yang menghasilkan atau komputer yang digunakan, tarikh dan masa dokumen atau rekod berkenaan dihasilkan. Data ini dicerap secara automatik oleh sistem komputer," jelas beliau.

SABOTAJ

Sementara itu, Mohd Sazili juga mengingatkan bahawa organisasi-organisasi perlu mengamalkan aspek-aspek pengurusan rekod dan maklumat sebenar, kerana akses terhadap rekod-rekod elektronik tidak boleh diberi sewenang-wenangnya kepada semua petugas.

Tegas beliau, kecurian rekod dan maklumat elektronik boleh berlaku bukan sahaja daripada tindakan sabotaj pihak luar, sebaliknya berpunca daripada pihak dalaman organisasi sendiri.

"Sepatutnya hanya individu-individu tertentu sahaja yang diberikan akses penuh terhadap rekod-rekod elektronik," kata beliau.

Mohd Sazili menasihatkan pihak organisasi agar selalu membuat penilaian risiko bagi rekod-rekod elektronik dari semasa ke semasa sebagai langkah persediaan menghadapi sebarang ancaman elektronik.

"Kita perlu ingat bahawa risiko terhadap rekod elektronik ini sentiasa berubah-ubah mengikut keadaan semasa.

Pada 2 Okt lepas, Menteri di Jabatan Perdana Menteri Nancy Shukri dilaporkan berkata bahawa kerajaan sedang menimbang untuk memperketatkan lagi undang-undang siber sedia ada berikutan terdapatnya tindakan-tindakan membabitkan jenayah siber yang menjadi-jadi ketika ini sehingga boleh menjejaskan keselamatan negara.

-- BERNAMA







Kami menyediakan langganan
berita melalui perkhidmatan 
Newswire .