SharePoint Records Management & Compliance Update

As was reported back in May, Microsoft (with the help of Applied Information Sciences) received the U.S. Department of Defense (DoD) 5015.2 stamp of approval for their SharePoint/MOSS records management solution -- meaning that the fledgling Enterprise Content Management platform has taken one more step into the broader ECM ring.

The certification by the DoD greatly increases the value of MOSS 2007 as a platform, and now even more questions have been addressed.

For those new to the topic, the DoD 5015.2 Standard is managed by the (take a deep breath) Joint Interoperability Test Command of the United States Department of Defense, or JITC for those with less lung capacity. It is the de facto records management standard in North America, defining the basic requirements that must be met by records management applications acquired by the Department of Defense and its components based on operational, legislative and legal needs.

The standard often sets the bar for records management applications in the enterprise content management space.

Of note, Microsoft recently posted a series of practical FAQs on the official MOSS website, which address the importance of certification and what it entails.

Perhaps most importantly, the FAQ addressed the question of when the Records Management Application (RMA) add-on pack -- upon which the records management compliance is dependent -- will be released. The answer: the RMA will be available to customers in the Fall of this year ... to be, er, kind of precise.

Customers who ordered MOSS 2007 will need to install the add-on pack onto their Office SharePoint Server. Microsoft recommends that customers contact a sale representation to acquire the pack and strongly encourages users to use a partner to implement the pack. Furthermore, users who install the add-on pack with a licensed copy of Office SharePoint Server 2007 will be eligible for support.

Inevitably, some changes to the platform were made in order to meet compliance. These changes will be officially announced once the add-on pack is available. In their initial press release, Microsoft referenced the integrated capabilities that would be offered in regard to records management and compliance. They included:

• Information management and retention: organizations can control the way content is managed to enforce compliance with corporate, legal or governmental policies.
• The Records Center site template: organizations can implement their records management and retention programs with extended standard Office SharePoint Server 2007 features like vault abilities, records routing, information management policy enforcement, and the ability to add records that are subject to litigation or investigations to a hold list.
• eDiscovery: organizations can streamline the process of document retrieval with integrated search and the placing of records on hold that are subject to litigation or investigation.
• Information Rights Management (IRM): organizations can limit the actions that users can take on files that have been downloaded from SharePoint lists or libraries.

In addition to the new and updated features the forthcoming release is likely to bring, it will also encourage GRC managers to learn more about SharePoint 2007 and understand and appreciate the prospect of good record management practices that can be implemented on the platform.

3 Reader Comments

Leave a Response