Integrity, on the other hand, is about protecting the document from any possible modification or alteration without documented authorization. In order to do this, a system must be in place to identify and keep a record of every action that affects the document, including consultation, modification and deletion.
Usability consists of maintaining the usability of the document at all times, and therefore it must be kept in a format and in a medium that guarantees its reusability for as long as possible. A policy of migrating to another medium must therefore be established periodically.
Finally, metadata aims to describe the context of the operation, the dependency relationships between documents and document systems, links between the social and legal contexts, and the relationships with the actors involved in the creation, management and use of business documents. To play their role fully, certain metadata must be assigned at the time of the capture or creation of the business record.
According to ISO 15489, in addition to document requirements, records management systems must:
– comply with the various requirements of the organization’s functions and with the various laws, standards and good practices in the field of activity. This conformity must be maintained throughout the life of the system;
– be reliable by containing documents and metadata that properly retain the production context. Systems must be scalable to meet the needs of the organization without affecting the integrity of the documents and their value, even after transfer and/or migration operations;
– be extended to integrate all the activities of an organization, even in stages, given the very high cost of implementing such a system;
– have integrity by ensuring controls on user identities, access rights, security and the various manipulations of documents;
– be of a systematic nature by ensuring that the program is linked to all its processes and that all methods of document creation and storage are systematized [COU 06].
1.3.3. Design and implementation of an RM project according to the standard
According to ISO 15489, any project to design and implement a records management program goes through eight stages (see Figure 1.8).
1 1) Preliminary survey: the preliminary survey is the first step in designing a records management program and is the foundation for the entire intervention. It concerns all of the company’s activities and practices, as well as its structure, culture and legal, regulatory and economic environment. This survey allows us to recognize all types of documents resulting from the activities of the company, and to detect the strengths and weaknesses in the management of these documents.
2 2) Analysis of activities: the second step consists of conducting an analysis of the company’s activities during the preliminary survey. This analysis can lead to an activity classification scheme, a process map and work methods. These documents can be the basis for the development of archival tools, such as the retention period repository, the thesaurus or the list of authorities.
3 3) Identification of archival requirements: the third step follows on from the first two steps and concerns the identification of archival requirements. This identification consists of defining the needs of the company in terms of capture (creation and/or acquisition), management, organization, conservation and dissemination of documents. This definition of needs would make it possible to know the types of documents that the organization would be able to use to ensure a certain efficiency in the realization of its various activities and to illustrate them while guaranteeing its rights. This is in fact the main objective of standard 15489, which is to establish a records management program capable of creating, managing and preserving reliable, honest, authentic and usable records, as mentioned above [COU 06]. Figure 1.8. RM project design and implementation (ISO standard 15489) [COU 06], For a color version of this figure, see www.iste.co.uk/mkadmi/archives.zip
4 4) Evaluation of existing systems: this evaluation consists of deciding which of the methods and systems used could be kept, either in their current state or with adaptations. This decision must be taken after a serious analysis of the strengths and weaknesses of these existing systems, particularly in terms of efficiency and safety. It must always be kept in mind that a records management system must be part of the general information system.
5 5) Identification of strategies for system development and implementation: this fifth step consists of identifying strategies to meet archival requirements, thus developing and implementing the new records management system. These strategies consist of defining procedures (creation and codification of documents, metadata, recording, access rights and security, management, borrowing of documents, retention periods, transfer, disposal, control, etc.), policies (objectives and broad outlines of the system), retention rules (retention period and final disposition of all types of documents) and access.
6 6) System design: the sixth step represents the first operation in the development of the records management system, the design of the archiving system adapted to the company and the drafting of specifications. A specification is a document that formalizes the descriptive elements, processes and features selected for the system in question. It is the result of an internal reflection within an organization between different experts, document managers, computer scientists and others, after having made an analysis of the existing system, a study of needs, an opportunity study and a risk study.
7 7) System implementation: this step consists of implementing the system and training employees on its use. This training can be held at two levels: general training using the technical guides and more detailed training on the functionalities of the system that can be provided by the quality advisor, with the participation of the archivist.
8 8) Follow-up and control after implementation: this step consists of evaluating the records management system, once it has been implemented and is functional. This evaluation is carried out through internal and external audits regarding compliance with standards (notably ISO 15489). In order to ensure that the system can evolve, revisions of certain parts of the system, as well as the quality documents, should be considered every five years [COU 06].
1.3.4. MoReq: the added value of RM
As noted, ISO 15489 is perhaps the most influential standard for records management. It proposes that an organization use a RMS (Records Management System) to implement various management processes ranging from identifying the information that needs to be managed as records to documenting the process of managing those records, including creating, recording, classifying, storing, processing, controlling access, tracking records and disposing of records. It defines such a system as “an information system that captures, manages and provides access to records over time” (ISO 15489-1:2001, section 3.17). MoReq (Model Requirements for the Management of Electronic Records) is a practical specification for defining a records system expressed as a modular set of requirements. First published in 2001, MoReq has been continuously developed by the DLM Forum10 and the European Commission to create a series of specifications: MoReq1 in 2001, MoReq2 in 2008 and MoReq10 in 2011.
MoReq2010 is the latest simplified version. It aims to provide more flexibility in its specification and more openness to reach both the public and private sectors. It goes beyond the general description proposed by ISO 15489 to add a little more detail and specificity in the case-handling processes. One of its strengths, in addition to modularity, lies in the potential for interoperability that it guarantees between different archiving systems (see Figure 1.9). This interoperability allows all organizations to resolve the problems of migrating records from one system to another, as required by technology developments every 3-5 years [DLM 10].
MoReq2010’s service-based