“Does Microsoft Finally Get Records Management?” AIIM E-DOC Article Available

I wrote this review of Microsoft’s first foray into the records management world with Microsoft Office SharePoint Server 2007. You can download the article here.

In the article I review some of the common records management features that Microsoft does a good job of addressing. I then list the three areas where Microsoft misses the mark. The article appeared in the July/August 2006 print issue of AIIM E-DOC magazine. It has not made it onto the AIIM E-DOC web site yet.

Take a read and let me know what you think…

Tags: , ,

Under The Covers: Oracle Content DB & Oracle Records DB

I took the time last night to view the Oracle Executive Briefing on Oracle Content Management Strategy. This 88 minute marketing event was at times painful to slog through, but did provide some clues on Oracle’s new positioning for enterprise content management.

Positioning? Yes, positioning. I did not really see any solid new functionality from what was demonstrated to me at AIIM 2005 over a year ago. I think the positioning of Oracle Content DB and Oracle Records DB is a concerted effort by Oracle to distance themselves from the “collaboration” word. They are positioning these products as core infrastructure that leverages a clients current investment in the Oracle database.

The slides, demo, Analyst videos, and talk track throughout the webcast focused on these two add-on services layers on top of the Oracle 10g database. The way Rich Buchheim (By the way, Rich was a panelist on my AIIM Future of ECM session) described it:

“Content management out of the box (OOTB) for everybody in the organization along with a robust infrastructure that can support much deeper applications built by partners”

The OOTB capability is really focused on the most common business requirement (>70%) collaborative document creation and management…features according to Oracle, customers said they most need. But, they still are distancing themselves from the old moniker of “Collaboration Suite”.

Oracle included short vignettes from analysts Connie Moore from Forrester and Jeetu Patel from Doculabs. Connie stated that there are several reasons to put content in the database:

  • Manageability
  • Scalability
  • Reliability
  • Security

During the demonstrations the Oracle end user paradigm is based on using Windows Explorer and the “Oracle Drive” which must be deployed to the desktop rather than using the web browser as a primary interface. One feature that was nice was that advanced properties are accessible from Windows Explorer. This provides rich functionality including sharing set up and email notification which automatically grabs the URL and email addressed of the participants.

Records DB is used to establish the File Plan and the lifecycle management policies associated with the File Plan node. These properties/policies including lifecycle instructions can then be applied to a folder in Content DB. Oracle is making a point of saying all workflows interacting with Content DB and Records DB are BPEL workflows. The workflow is used to move through the milestones on the lifecycle.

The timing of this announcement is interesting. It looks like many of the same features available in Microsoft Office SharePoint Server 2007 and the next version of Office 2007 are being announced and highlighted in these two products. I think Oracle is trying to trump Microsoft with a 2-3 month jump on releasing these two products. Although the strategy was announced and presented last week the following was on the website regarding pricing and availability:

“Oracle Content Database and Oracle Records Database are options for Oracle Database 10g Enterprise Edition. Both products are expected to be available within 60 days and pricing will be announced at or prior to availability. Additional information on Oracle Content Database can be found at http://oracle.com/database/contentdb.html. Additional information on Oracle Records Database can be found at http://oracle.com/database/recordsdb.html.”

The other interesting aspect of the webcast was that Tom Jenkins CEO from Open Text presented at the end of the program and talked about how Open Text intended to deepen the partnership with Oracle by leveraging Content DB as a repository for LiveLink. This is the very advice I have given to the other ECM vendors over the last year if they want to remain relevant 3-5 years from now. Don’t care which horse you pick (IBM, Microsoft, or Oracle) just pick one.

The following are links to resources related to these products”

Content DB

White paper:Content Management for the Entire Enterprise (PDF, 166 KB)

Internet seminar: Managing Your Content in the Enterprise Database (18 min.)

Customer snapshots: Fiorde, M. Dias Branco, and Power Engineers

Video: Power Engineers Centralizes with Oracle Database (1 min.)

Launch webcast replay: Executive Briefing on Oracle Content Management Strategy (88 min.)

Press release: Oracle Announces Next-Generation Content Management Strategy (June 2006)

Press release: Industry Demonstrates Strong Support for Oracle Content Management Strategy (June 2006) 

Press release: Oracle to Provide Infrastructure for OpenText Content Management Technology (June 2006) 

InternetNews: Oracle Opens Content Management to The Masses (June 2006)

InfoWorld: Oracle unveils ‘content management for the masses’ (June 2006)

Records DB

Internet seminar: Managing Electronic Records Securely in Oracle Database (15 min.)

Cohasset white paper: Managing Records Across the Enterprise (PDF, 836 KB)

Customer case study: Power Engineers

Oracle Announces Next-Generation Content Management Strategy

It has been a busy week in the ECM world!

First CA acquires MDY Software, then the LOBi announcement by Microsoft which will help bring structured and unstructured data together (easier ;-)), then the Open Text and Oracle announcement, and now this big announcement by Oracle about their "Next-Generation Content Management Strategy".

So what will this mean? Is Oracle really serious about getting their ECM train back on the track?

I plan to pour over all the material they released this week over this weekend and will post my conclusions. Maybe Oracle is ready to wake up from the hibernation and get their act together. While at the Oracle booth at AIIM the nice sales and marketing fellow I was chatting with mentioned to me that Oracle was going to make an announcement in about three weeks about their content and records management strategy. I thought he was blowing smoke since the three weeks past and nothing was announced. I guess they needed an extra week to get the PowerPoint slides downloaded from the SharePoint site they were preparing the announcement with. 😉


Powered by Qumana

Talking With John Newton On The AIIM Conference & Expo 2006 Show Floor – May 17

I had a chance to talk with John Newton, CTO of Alfresco today at their booth on the exhibition floor. It was great to finally meet John in person and have a chat about my post Alfresco Adding Real Records Management To Their ECM Suite??? late last month. John confirmed that Alfresco plans to release a version of their ECM suite by  the end of the year that will include records management capabilities that will comply with the DoD 5015.2 STD requirements.

This is significant!!!! It will be interesting to see if having an Open Source ECM solution that has DoD 5015.2 certified records management will have a dramatic effect on the adoption curve of Alfresco by regulated or government customers. I asked John if Alfresco was planning to take the Alfresco suite through the certification process and he said that Alfresco would rely on a partner to take on the logistics of taking the suite through the testing process.

This next year should be very interesting to watch. Real RM in Alfresco, the Office 2007 launch, and ????? Tags: , ,

Powered by Qumana

CIO Survey Shows ECM Security, Compliance As Top Concerns

George Dearing had this post on his "The Enterprise Content Management Blog"

SealedMedia released recent survey results from from 29 CIOswho invested more than $1 million in ECM systems. I was a bit surprised the workflow/process automation piece ranked so low.

The concerns were ranked on a scale of one to eight, eight being the most important. 

  • Guarantee ISO 17799 compliance: 6.03
  • Protection of intellectual property during offshoring or outsourcing: 5.52
  • Protection of high- and executive-level communications: 4.79
  • Improvement of workflow-process automation: 4.41

Also from the article in CIO News Alert about the survey "more than three-quarters of respondents said they’re seeking additional content security safeguards and control over who accesses what. Participants were most concerned with data being improperly accessed or modified while it’s being edited or worked on, and when it’s being distributed, according to the survey."

What this is telling me is that the major ECM providers have not fulfilled the promise of making ECM easier and accessible by the majority of users. It is still too damn hard.

In my next post I will talk about some requirements that I think need to be met to address this problem…Tags:

Some Q & A With Julie Gable

The following is a series of questions that Julie Gable asked me to respond to for an article she was writing for the Association of Records Managers & Administrators (ARMA) Information Management Journal. Julie is a widely respected expert on electronic records management and compliance.I thought the questions along with my responses might be useful and provide a snapshot of some of my thinking regarding compliance, records management, and how organizations are addressing these challenges.

1. Tell me about your company, where is it based and what do you do?  Compliance Solutions Group is based in Reston, VA (The Washington D.C. Metro area). Compliance Solutions Group (CSG) specializes in implementing document, records, and business process management solutions that address compliance with the Sarbanes-Oxley Act, SEC and NASD regulations for publicly traded companies and financial services businesses.As recognized authorities on compliance, document, records, and workflow management, CSG brings practical experience, thought leadership and technical expertise to every engagement. Our projects can be delivered in weeks or months not months or years.CSG is a subsidiary of Applied Information Sciences; a 25 year old software engineering firm, a Microsoft managed Gold Partner (www.appliedis.com), and has completed hundreds of enterprise solutions on-time, on-budget and on-target.

2. What compliance regulations do you deal with in your work?   We typically focus on DoD and Federal regulations for our Federal Government customers. For our commercial customers we focus mostly on addressing SOX. Our business mix is approximately 50/50.

3. How are your clients/ customers approaching compliance?  Is there a compliance officer?  Is it a team effort?  Who participates?  For government: Most often the Records Manager is driving the need for compliance with the Federal Records Act. In other scenarios business executives are seeking business solutions and they know implementing a DoD certified solution is required.For commercial clients we are seeing Chief Risk Officers and SOX Program Managers primarily focused on addressing SOX compliance. There primary goal is reducing the year over year costs to manage the program. We have found that many are not that aware of the document and records management implications of SOX and the coinciding guidance from the SEC. I have produced a white paper called “Boiled Sox” which extracts the sections of the SOX Act that specifically relate to DM and RM and provide this to our clients. In many cases they are surprised while in other cases they know they need to do something but are not sure.

4. Are there models or processes that companies have used successfully in their compliance initiatives?  Can you describe these?  For example, identifying what the law requires, identify the processes involved, determine the controls needed, identify what is needed for reporting, etc.  Many companies that we work with to implement our Compliance Toolkit™ for SOX are in year 2 and beyond on their SOX compliance program. Most have very mature and well defined and documented processes for reviewing their SOX related business processes and for testing the effectiveness of their internal controls. What has not been that successful is the amount of automation used to support these processes and integration of document/records lifecycle management.Many are using spreadsheets to track the status of their compliance initiatives, using File Shares as a document repository, and using email as a workflow tool.One client is using a model similar to the Software Engineering Capability Maturity Model (i.e. CMM-Level 2) to model his program and methodically mature the processes over time. His model sets a goal of maturing the model each year with year four becoming steady state.

5. Have standards played a role in the compliance efforts you’re familiar with (e.g., COBIT, ISO 15489, ISO 17799, etc.).  If so, what purpose have standards served and how have they helped or hindered compliance efforts?  COBIT is becoming important to many clients in their second and third years of SOX with the increased attention to the IT dimension related to SOX by the external auditors. We do not see much interest in ISO 15489 or 17799. The DoD 5015.2 STD still shows up as a standard that commercial clients are using to select and narrow the field of potential RM vendors or ECM solutions with RM.

6. At what point in the process (if any) does records management come in to play?  What are the biggest concerns (if any) that surface regarding recordkeeping and proving compliance? How are these concerns met?  Surprisingly, we have only seen a few companies addressing SOX who have an appreciation for the RM dimension of SOX compliance. In many cases we are educating them and getting the RM folks involved. We are working to develop a Compliance Toolkit ROI Calculator which will help clients more effectively evaluate the potential ROI of automating their compliance activities.

7. Companies that have put SOX controls in place now realize the cost of resources needed to maintain those controls, and this is probably true for compliance with many other regulations as well.  Are you seeing increased emphasis on cost control in compliance efforts?  If so, what remedies are your customers/clients considering?  Yes – we are seeing an increased emphasis in controlling these costs. Another aspect that is being looked at is improved risk management. Many are seeking IT solutions to help them reduce costs by pushing the activities and responsibility for process reviews and controls testing out to the business. The clients we are working with are considering workflow and business process automation technologies to help them automate the tracking and processing of tests, controls, etc. in their SOX programs. There also a great deal of interest in providing better reporting for senior management, the Audit Committee, and the Board with more detailed insight to the underlying details that are summarized in the reports.

8. What trends are emerging for compliance practices?  Is there greater emphasis on centralized efforts than previously?  Is there more emphasis on process automation and technology for monitoring controls, reporting, etc.?   The trends we are seeing include centralized command & control of the compliance programs with a strong desire to distribute the responsibility for compliance, testing, and for oversight to the business owners. The folks charged with administering the compliance programs cannot continue to manage all aspects of these programs. Many have been supplementing their staffs with temporary help and cannot continue to fund this. Also another key concern is their experience of spending over 95% of their time gathering, tracking, and preparing reports while having little time to review the accuracy and provide analytical review of the information to identify trends and make conclusions.

9. What advice would you give non-US firms and the small and mid-sized firms that will be contending with compliance issues?  Are there key policy elements or practices that will save them grief?  Small to mid-sized firms should seek out both professional functional and technical help early and not try to go it alone. Many small and midsized Accounting and Financial Services consulting firms have produced templates, best practices, and prototype frameworks that can quickly jumpstart a small to mid-sized firm quickly and more inexpensively. Applying IT and RM technologies early can ensure that the documents and documentation required for SOX compliance are managed effectively.