Article by http://www.if4it.com/use-a-steering-committee-for-records-management-ownership/
Use a Steering Committee for Records Management Ownership
If you’re a small company or government agency, finding someone to own Records Management (RM) is usually pretty straightforward. However, as enterprises grow and have many different organizations that perform different functions, finding RM ownership becomes less than clear. This is where a Steering Committee should be considered.
Examples of Records Management Ownership Dysfunction
As an enterprise grows, it becomes very unclear who should own and control Records Management.
- The Legal Organization exists to deal with law and litigation. They certainly have access to RM legislation but they have no insight into where all records may or may not be. Managing RM becomes a distraction from what they were hired for and do best, which is to deal with legislation and contracts.
- The IT department access to (most) digital data in structured, semi-structured, and raw form but they certainly don’t own the creation of business data or its orchestration for business purposes. They also usually have no part in the control of many different physical records, like paper. IT is usually responsible for enabling other areas of the business and taking direction, in the form of requirements, on how systems should be have and how they should structure, store, move, and retrieve data.
- Human Resources helps create data about employees and consultants but they have no accountability or insight into or for things like customer or product manufacturing records.
- Sales has authority for the acquisition and coordination of customer purchases and accounts. However, they know nothing about employees or consultants’ personal data.
- Auditing and Compliance has a pretty solid understanding of general Governance, Risk Management, and Compliance (GRC) functions and industry regulations that drive certain retention practices. However, they almost never have complete insight into the details of product manufacturing, customers, employees or consultants.
- Etc.).
It becomes obvious that every major organization (and its leaders) owns a piece of the RM puzzle, big or small, but no one clearly owns or should own the whole puzzle. This starts us down the path of considering a group approach to ownership and accountability for RM.
Fact: Not every enterprise is structured the same way
Records Management Ownership becomes even more convoluted when we realize that so many companies and government agencies are not structured the same way, even within common industries. For example, not all companies have a Chief Operating Officer (COO) or a Chief Information Officer (CIO), although people with other titles in different organizations might own the functions traditionally associated with such roles. In the United States, for example, leadership structures in state-based agencies often vary from state to state.
The structure of different enterprises and the roles perceived as necessary to successfully operate such structures vary for many reasons, such as but not limited to: Size of the enterprise, Industry, and Geography.
In short, because we can’t rely on organizational structures to be and stay constant between enterprises, we cannot make a definitive statement that forces standardization across all enterprises like, “The COO for all companies should own Records Management.”
This leaves us with only one conclusion about RM ownership in larger enterprises… When it comes to larger enterprises where functions get separated among many different organizations in a manner where there is no repeatable guarantee of structure from any one enterprise to another, the only conclusion is that multiple organizations must have a stake in ownership and accountability for Records Management.
(Note: Assigning RM ownership and accountability to a single person in a large enterprise will simply fail because almost all other leaders will not report directly into the RM leader and their own professional goals and agendas will conflict with those of the RM leader. That is, until the company gets sued or the government comes knocking on the door.)
Records Management Ownership by Committee
So, if multiple stakeholders need to be involved in Records Management Ownership and there is no one standard place we can put ownership, it is clear that ownership is a floating concept that must be shared across organizations. This means a Committee or, more specifically, a Steering Committee.
The Benefits of a RMSC for Ownership
A Steering Committee allows multiple leaders with significant power and resources to pool such assets together and collaboratively work together to solve any and all RM-related problems. It also has the added benefits of ownership redundancy and peer oversight at a leadership level, which is critical for Records Management Governance (RMG) and the success of other RM-related work efforts.
RM Steering Committee Composition
So, who should participate in this RMSC? At a minimum, your RMSC should be composed of the following stakeholders…
- The head of your Legal Department (or an acceptable delegate),
- The head of your Human Resources Department (or an acceptable delegate),
- The head of your Financial Department (or an acceptable delegate),
- The head of your Audit and Compliance Department (or an acceptable delegate),
- The head of your Information Technology (IT) or Information Systems (IS) Department (or an acceptable delegate).
NOTE: Acceptable Delegates are discussed later.
In addition to the above, it is recommended that you include at least one member (or an acceptable delegate) from every area that creates “records sensitive data”. For example, if your Marketing & Sales organization generates customer data that needs to be a part of your RM program, the head of Marketing & Sales (or an acceptable delegate) should sit on the Steering Committee.
Also, your industry will dictate other members of your Steering Committee. For example, if you are an insurance company and you process claims, your head of Claims Management (or an acceptable delegate) should sit on the committee. If you are a Pharmaceutical company and you create Clinical Trial Data, the head of Clinical Trials (or an acceptable delegate) should have a stake in the committee.
Identifying which records are important enough to drive who has a seat the table is a bit of a chicken-and-egg problem because you have to identify and prioritize all Record Types before you can be sure you have the proper representation but you can’t prioritize what Record Types are most important without approval from the appropriate leadership authorities. If you have to, start slow. Pick a few Record Types that you feel are most obvious for your RM program, get those leaders onto the RM Steering Committee so that you have a few of the key/core members on board, and then use their leadership clout to make further decisions about who else should be brought (sometimes dragged) on board.
The criteria for “Acceptable Delegates”
There is a very undesirable trait associated with being given responsibilities for any RM program. It is the reality that people will have to sign their names to documents that could come back to haunt them or the enterprise, legally, at a later time. For this reason, many of the highest leaders will often assign a delegate to a role that requires such accountability. If this is the case in your enterprise, you should ensure that the delegate understands he or she is working on behalf of his or her leader and that the work should be taken very seriously because of the accountability with the role.
Also, it’s important to ensure that whoever the delegate is also has decision and signature authority on behalf of his or her leader. This reduces the logistical overhead of the delegate having to go back to his or her leader, every time, to explain and discuss what has already been explained and discussed at the RM Steering Committee table.
Primary Responsibilities of the Records Management Steering Committee (RMSC)
With the exceptions of magnitude and scale of the work, the responsibilities of the RMSC, as a whole, should be no different than the responsibilities of a single individual, in a smaller company. For example, the following functions still hold true:
- The identification of Record Types
- The identification and approval of Record Type Owners and Record Instance Owners (where applicable).
- The prioritization of Record Types.
- Managing the higher-level command, control and communications of dispositions and locations of Record Instances.
- Driving the data collection and management for all Record Types.
- The processes associated with Record Life Cycles (e.g. Creation, Storage, Access, Modification, Destruction, etc.)
- Establishing and driving enterprise-wide Records Management communication and education.
- Continuous direction on the current state and future state of the Records Management Program.
- Ensuring that RM programs get prioritized and funded in the overall portfolio of enterprise programs.
- Setting up lower level RM working groups and providing them with sponsorship, direction, and funding support.
- Understanding and facilitating Records-related issues for ongoing audits and litigation.
- Create and present relevant RM-related reports to the Board of Executives (BoE) or other equivalent leadership entities.
- Etc.
It should be apparent that the above functions will grow in complexity, time, and cost as more people get added to the committee and as more systems and processes become part of the broader RM solution. Unfortunately, this is something all enterprises deal with and accept.
Frequency of Meetings
There is no documented standard for the frequency of RM Steering Committee meetings. It is logical that, for most enterprises, the less the committee meets and works together the less it will accomplished and the more Records Management will drop as a priority for the enterprise.
Meeting once a week might be too much but meeting twice a year is clearly far too little.
RM Steering Committee Leadership
There is no rule that one person should always chair the RM Steering Committee. It is ok to have revolving leadership. However, the gravity of leading the RM Steering Committee should be made clear to all committee stakeholders and leaders.
RM Steering Committee Administration and Logistics
Like all committees, your RM Steering Committee will generate significant RM-related materials and work. You’ll have to ensure that the right people are assigned to the RMSC to help with things like meeting notes/minutes, documenting issues, work, and decisions, preparing stakeholder communications, etc.
RM Steering Committee Knowledge Repository and Library
Your RMSC will need a place to store all documentation and media it receives and generates. Consider an appropriate location for your RMSC knowledge repository and library. Also consider breaking it into different segments like:
- Work Not Started
- Work in Progress
- Work Completed
- Materials Published for General Consumption and Use
Steering Committee Reuse
It is important to understand that Records Management is only one of multiple important efforts going on in any enterprise. It’s also important to understand that many of the leaders that sit on the RM Steering Committee will be required to sit on the Steering Committees of other efforts and programs. For this reason, consider merging your RM Steering Committee with other similar significant efforts. One very viable area for merging with is Governance, Risk, and Compliance (GRC), which has many similarities and overlaps with work performed in Records Management and which will be discussed, in more detail, in a future article.
Merging Steering Committees has the benefits of making your leaders more efficient because they have less meetings to attend, keeps them more engaged because they’re not rehashing the same topics in different meetings, and gives the Steering Committee far more authority and control to get significant work accomplished.
Conclusions
- Not having an owner for Records Management is not an option.
- As an enterprise grows, who should own RM gets cloudy for multiple reasons.
- As an enterprise grows, establishing a Steering Committee for Records Management Ownership becomes a viable option.
- The RM Steering Committee should be composed of stakeholders from multiple organizations that either create critical Records or have a significant hand in their handling.
- RM Steering Committee members should have decision and signature authority.
- RM Steering Committee members should have the power to influence the portfolio of programs and secure funding.
- The RM Steering Committee’s responsibilities should be made clear to all stakeholders and its functions and progress should be communicated to the entire organization, regularly.
- Leadership can be constant or rotating.
- Frequency of meetings should be high enough to maintain regular progress.
- Consider merging your RM Steering Committee with other Steering Committees to be consider of each members’ time and responsibilities and to achieve economies of scale, throughout your enterprise.