This is the fourth and final day at SharePoint Conference Las Vegas. After a good party last night, it's time to talk risk management in my first session of the day, presented by Paul Olenick: "Reducing Organizational Risk Through Effective Information Management."
- Define it
- Apply it
- Wrap it up
Paul sees information as a living organism: It comes in, it comes out, it grows, it rests. We want to do something with it: react, proact(ive), find, keep safe, relay. We are not just talking about documents, but also of people and other context.
The IT View is policy, metadata and search. Paul follows with a brief description of these terms, which most of the people in the room are probably already familiar with. But he follows his definitions with the following statement, which I agree with: information management is not a list of features. It is more about how we react to data or how we handle access to data.
- React Tools: Metadata
- Proact(ive) Tools: Policy, Metadata, Search
- Find Tools: Search, Metadata
- Keep Safe Tools: Policy, Metadata
- Relay Tools: Metadata
There are some obvious and not so obvious consequences to poor or non-existent information management:
- Audits: Legal, Financial
- Compliance: HIPPA, Affordable care act
- Data security: Permissions, email, print
Not so obvious stuff
- Incorrect processes
- Inability to react
- Frustrated information workers
- Lack of transparency
- Loss of IP,
- Productivity leak,
- Loss of revenue
Some of this probably applies to most organizations, it’s a good reminder of what happens without information management.
Example One: Hidden Risks
SharePoint has some out of the box capabilities that can help in this area. e-Discovery can take snapshots of a lot of data that results from a search query. This can be used when you have a legal audit. This is a very good feature, I think it really gives business value if you have structured data.
There's brief mention of how with the auditing policy on you can create reports on document change, etc.
At this point the presentation got a bit more technical, let's hope Paul keeps it on the business track!
Example 2: Inability to Visualize Data
This example looks at data located in silos outside of SharePoint that are related, but unconnected. By using search crawling, a unique record can be made that could help FAST search to crawl different file servers and relate the data inside and outside of SharePoint. (This is my understanding, I may have described incorrectly as I don't have the technical skills in the area.)
Paul discussed building a foundation for your information management plan. He makes the point here that you shouldn't discuss this with the CIO, but rather talk to the business. It’s very good point for him to make and for people to hear.
- Focus and define high-level business value
- Every thing should have a specific outcome
- Know your audience
- Find consensus and build form there. (Organizational buy-in)
- Identify and quantify risk
- Identify and quantify opportunities
- Determine project scope
- Build your buy-in
Paul suggests watching out for these factors when working on your information management plan:
- Conceptual, not technical
- Fear of impending business
- Fear of automation, this is something I have felt as well, also when discussing integrations.
- Resistance from end-users
- Getting into the weeds
- Failure to gain consensus
- Understand how to quantify risks
In conclusion he makes some good points:
- Stay business focused
- Focus on opportunity and revenue
- Metadata is the fuel to that drives automation and search, surfacing info
- Challenges will be organizational, not technical.
Off to another session; will try to write another article filling in the gaps later.
About the Author
I have over 16 years of experience within IT; I have a wide technical knowledge and proven skills in service, product management and governance. The last few years I have turned my attention to SharePoint Governance, as well as Branding and Design — some of my biggest interests.