Organizations depend on information to manage day-to-day
operations, comply with regulations, gauge financial performance and monitor
strategic initiatives. This critical information resides in the organization's
business records.
Increasingly, organizations must defend their
recordkeeping practices to regulatory and other oversight organizations and
respond to discovery demands. Excessive discovery costs for records that should
have been disposed, regulatory sanctions against organizations that cannot
produce required documentation or poor business decisions based on incorrect or
incomplete information are all risks that can be managed by effective
information governance processes.
"Compliance measurement is a
critical component we find missing from many records and information management
programs."-Mark Lagodinski, Ernst & Young
ARMA
International's eight GARP principles can help you to establish and monitor an
effective information governance program in your organization.
-
Principle of Accountability: An
organization shall assign a senior executive who will oversee a recordkeeping
program and delegate responsibility to appropriate individuals, adopt policies
and procedures to guide personnel and ensure auditability.
-
Principle of Transparency: The processes and activities of an
organization's recordkeeping program shall be documented in an understandable
manner and be available to all personnel and appropriate interested parties.
-
Principle of Integrity: A recordkeeping program shall be
constructed so the records and information generated or managed by or for the
organization have a reasonable and suitable guarantee of authenticity and
reliability.
-
Principle of Protection: A recordkeeping program shall be
constructed to ensure a reasonable level of protection to records and information
that are private, confidential, privileged, secret or essential to business
continuity.
-
Principle of Compliance: The recordkeeping program shall be
constructed to comply with applicable laws and other binding authorities, as
well as the organization's policies.
-
Principle of Availability: An organization shall maintain
records in a manner that ensures timely, efficient and accurate retrieval of
needed information.
-
Principle of Retention: An organization shall maintain its
records and information for an appropriate time, taking into account legal, regulatory,
fiscal, operational and historical requirements.
-
Principle of Disposition: An organization shall provide
secure and appropriate disposition for records that are no longer required to
be maintained by applicable laws and the organization's policies.
MARILYN BIER is the executive director for ARMA International, a
not-for-profit professional association and the authority on managing
records and information, and oversees the development and implementation
of all headquarter projects. Additional information for each of the GARP
principles is available at www.arma.org/garp.
|