the untapped texas gold mine

The Untapped Texas Gold Mine: How to Implement Records Management with Microsoft 365Prepared By: Ryan Britton, IQBG | Stephen Jones, MicrosoftDate: November 2021

GDPR REGULATIONS ARE INCREASING

OSHA

CCPA

Sarbanes-Oxley Act

Federal DataProtection Law

General DataPrivacy Law

PPA

HIPAA

PDPA

Personal Information

SecuritySpecification

PIPA

US IRS Publication 583

EU Directive 2006/24/EC

POPI

DATA

Vendors

PlatformsPublic

Remote

Private Cloud SaaS

StructuredUnstructured

Records

SMS

Documents

Corporate

Emails

1 Cost of Compliance 2019, Thomson Reuters

Discovering and managing data is challenging.Are you a leader or follower?

© 2021 IQBG Inc. 2

200+updates per day from 1000 regulatory bodies1

>80%of corporate data is “dark” – it’s not classified protected or governed2

68%of companies see themselves as “advanced” or “highly advanced” in adopting AI to automate information governance3

2 IBM Big Data Analytics Hub 3 Best practices for automating information governance, AIIM, 2019

Intelligent compliance and risk management solutions

© 2021 IQBG Inc. 3

InsiderRisk Management

Identify and take action on critical insider risks

Protect and govern data wherever it lives

InformationProtection &Governance

Quickly investigate and respond with relevant data

Discover & Respond

Compliance Management | Simplify compliance and reduce risk

Information Protection and Governance

© 2021 IQBG Inc. 4

Protect and govern data – wherever it lives

Data growing at exponential rate

Discover Classify

Unified approach

Devices Apps Cloud services On-premises ISVs, 3rd-party

Monitor

Apply policyProtection Prevent data loss Encryption Restrict access Watermark

Governance Archiving Retention & deletion Records management Disposition reviews

Sensitive info discovery Content explorer Activity explorer

Audit trail Proof of disposals

ProtectYour Data

Govern Your Data

Prevent Data Loss

Know Your Data

Records Management

© 2021 IQBG Inc. 5

Manage legal, business, and regulatory recordkeeping obligations

Built-inClassify, retain, review, dispose, and manage content without compromising user productivity and data security

IntelligentManage unstructured data at scale through automated and intelligent classification(e.g. trainable classifiers)

DefensibleRespond to compliance obligations by providing proof of disposal and documented audit trails

IQBG Background and Expertise

© 2021 IQBG Inc. 6

Capture Classify Manage Archive Discover Dispose

Content and RecordsManagement Specialists

Trusted Advisors on Large ECRMprograms

End to End, Thought Leadership, Strategy and Delivery

100% Software Agnostic, Experience with Most

Full Suite of Services: Assessments, Roadmap, Software Selection, Core ECRM, Taxonomy, Records, COE, Change Management

150 Customers in FED/SLED and Highly Regulated Industries

Solutions and Services across the full content/records management lifecycle, and partner of choice for public and private institutions of all size.

The Changing Face of the Information Ecosystem

Historically, Collaboration and Records Management Happened in Different Systems

Historically, Identity was something managed per-system or integrated superficially

Historically, security could be implemented at the perimeter

Historically, Teamwork applications were ad-hoc, informal and formed a part of Shadow IT

Historically, organizational information was predominantly on-premises

© 2021 IQBG Inc. 7

New Information Landscape

Security and Identity

Records Management

Systems

Collaboration Systems

Teamwork Systems

Cloud Environments

The Intersection of Security, Content, Teamwork and Compliance

© 2021 IQBG Inc. 8

Security Focus Restricts Teamwork Teamwork Focus Compromises Security Content Focus Increases Compliance Risk Compliance Focus Restricts Teamwork

A Holistic Approach is Required Governance and Compliance

Teamwork

Identity / Security

Content

Challenges for Records Managers Today….

© 2021 IQBG Inc. 9

Records Managers are Having to Revise

Methodologies based on Physical

Records Management

Only 8% of Records Managers have Adopted SaaS-based Records Management

Solutions

Cloud and Social Platforms Render “File and Declare”

Ineffective

NARA will stop accepting Physical Records in 2022

Hardware obsolescence,

Tape/Disk Decay, File Format Loss

Pressure to Digitize, Lower Carbon

Footprint, Move away from Paper

Big Data, Unstructured

FormatsAutoclassification Becomes Viable

Approach to Defensible

Disposition using Technology and

Automation

Primary Drivers of Information Governance

Why are Organizations Adopting Microsoft?

© 2021 IQBG Inc. 10

Familiar interface, multiple tools

Strong security, Global Presence

Highest Compliance Standards

Scalability, Stability, Availability

Current and future

Existing Licensing and Agreements

Anytime, anywhere access

Current Market Comparison: Strengths and Weaknesses

© 2021 IQBG Inc. 11

Productivity Suite Integration Third Party Ecosystem

SaaS Limited Content Capture

Capacity/Storage Considerations Danger of Sprawl

The complexity of the problem…

© 2021 IQBG Inc. 12

POLICY MANAGEMENT MONITORING & RESPONSE

AUTOMATIONCourtesy of the Smart Compliance on M365 Framework

Content & Records Management + Microsoft 365

© 2021 IQBG Inc. 13

Implement Enterprise Content and Records Management (ECRM) in Microsoft 365 (M365) to ensure frictionless collaboration and comprehensive governance within your organization.

Consulting & AssessmentsRapid assessment of operations that results in:• ECRM Strategy• Business requirements• Roadmap for implementation.

ECRM Solution / ConfigurationLeader in implementation of ECRM Solutions. This includes configuration of current technology and implementation of supplementary technologies.

eDiscovery/FOIA Services and support in Identifying, collecting and producing electronically stored information in response to a request for production in lawsuit or investigations.

Support & MaintenanceAssisting our clients to reduce TCO through appropriate support, knowledge-transfer and training; ensuring continued improvement and solution optimization.

OFFICE 365 DATA GOVERNANCE FRAMEWORKIMPORT GOVERN MONITOR

Capture/Import

Intelligent import of on-premise Microsoft and third-party data

Classification, Policy,

& Sensitive Types

Manual and auto-classification of content to apply right governance policies

Retention, Archival,

& Disposition

System-enforced lifecycle disposition workflows and defensible deletion processes

Dashboards, Insights,

& Reporting

Monitoring reports and intelligent trend identification and suggestions

Audit, Supervision,

& Defensibility

Data investigation, eDiscovery / FOIA, forensics, automated audit alerts, and notify cations

Solution Alignment (Baked In) Services you will need…

Compliance and Governance

Microsoft 365Security and Identity Plug gaps specific to your use case with

Microsoft Partner Solutions

© 2021 IQBG Inc. 14

Some Considerations for Implementing Records Management on M365, In our experience…(Your approach may vary, depending on your needs)

Understand your “Iceberg”

© 2021 IQBG Inc. 15

12% of Data is Business Critical. This is the

information that we need to Document

37% of an organization’s data is useful, but only if it

is discoverable and analyzed

ROT Costs every organization money.

How much does yours cost? How much could

you save?

A surprising number of organizations have a

“save everything forever” policy

Understand the Evolving Compliance Landscape

© 2021 IQBG Inc. 16

Ensure that Records Schedules and Governance Collateral are Relevant and Up-To-Date

© 2021 IQBG Inc. 17

A Best-Practice Approach to Information Architecture and Knowledge Management in M365

© 2021 IQBG Inc. 18

Don’t try and organize your information by department alone… think about the information type, lifecycleand intent.

RET

AIN Records and Archiving

• Classify, Tag (metadata), and Manage as Records• Lifecycle and Retention Management• Audit, Discovery, and Compliance

PUB

LISH Public Site

• Company Info• Brochures• Promotion

Intranet Portal• Latest news and events• Latest policies, procedures, and forms• Access to Telephone Directory and Search• Links to other LOB systems

My Profile• Contact Info• Profile Pic• Expertise

Employee External

CO

LLAB

OR

ATE

Personal Space• Save and share

personal documents

• Files and information not necessarily for a team

• Ad-hoc sharing

Extranet Space• Securely share

and collaborate with external parties

• Audited and controlled

Communities• Suited for mass

collaboration initiatives

• Large group of users, cross dept or discipline

• Persistent knowledge collection

Team Space• Distinct group of

users, collaborating and storing common info

• Generally, part of organizational teams

Project Space• Dynamic Group• Spanning

different org hierarchies

• Exist only during life of project

• Typically follows a structure

Create a Governance Framework

© 2021 IQBG Inc. 19

(consider a 3rd Party Solution to fill gaps)

IT Governance(Broad, organization-wide)

Operational Governance(Application-specific, aligns with IT Governance goals)

Workspace Provisioning

Ongoing Management

& Enforcement

Lifecycle and EOL for

Workspaces

Data Governance(Content-specific, aligns with IT Governance goals)

Item-level Retention & Expiration

Records Management Classification DLP

Microsoft Information Governance

© 2021 IQBG Inc. 20

Intelligent and built-in information and records management

Manage high value content following the specialized workflows required to meet legal, business, or regulatory recordkeeping obligations

Manage risk and liability by only keeping what you need and deleting what you don’t across your entire digital estate

INFORMATION GOVERNANCE

Automatically retain,

delete, and storeinformation and

records In a compliant

manner

W

RECORDS MANAGEMENT

GOVERN YOUR DATA

Develop Information Architecture

© 2021 IQBG Inc. 21

(Taxonomies, Content Types and Managed Metadata)

Document

Enterprise Document

Financial Documents

Purchase Order

Invoice

Operational Documents

Bill of Materials

Manifest

Legal Documents

Policy

Contract

Departmental Documents

HR Documents

Employee Record

Training Request

Sales Documents

Proposal

Sales Meeting Notes

Claims

Personal

Group

Document your Critical Information Lifecycles

© 2021 IQBG Inc. 22

Critical Stages in the Life of a Document

Disposition

Retained Archived Published Approved

SharedEnrichedVersionedAuthoredCreated

Tenant

Departments

Sales

Opportunity Teams

Departmental Team

HR

Department Team

Payroll Business Unit

Employee Induction

Open Enrollment

IT

Department Team

Project Teams

Security Center of Excellence

Learning and Development

Departmental Team

Learning Experience

Business Unit

Learning Delivery

Business Unit

Course/Intake Teams

Legal

Department Team

Case Teams

Marketing

Department Team

Campaign Teams

Locations

Branch 1

Branch 2

Strategic Teams

COVID-19

Resources

ABC Inventory

Resource XYZ

Knowledge Teams

Topic Teams

Design your Microsoft Teams Collaboration Space

© 2021 IQBG Inc. 23

Understand how Team’s Lifecycles Influence Document Lifecycles

© 2021 IQBG Inc. 24

Critical Stages in the Life of a Document

Disposition

Retention Offboarding Closing Collaborating

OnboardingCreatingApprovingQualifyingNeeding

Implement Governance at Different Levels…

Example

© 2021 IQBG Inc. 26

DEPARTMENT A DEPARTMENT B DEPARTMENT CExternalsharing

No external sharing

XExternal sharing allowed in: External sharing only allowed in:

Expiration/retention 6 Months

after last accessed12 Monthsafter last accessed

9 Monthsafter last accessed

Allow these usersto create a workspace

All requests through Central IT

All requests throughDepartment IT

Only Joe, Sally, andHarold can create

Recertifymembers

after3 Months

after6 Months

after12 Months

Migrate with Vision, Purpose, and with a Plan…

© 2021 IQBG Inc. 27

Understand On-Premise Information Silos Catalog Information Use AI to identify

sensitive information Document

Compliance/Regulatory Landscape Organizational Policies

and Records Schedule

Analyze

Migration Digitization Information

Governance Compliance

Plan

Strategize

Retention Strategy Compliance Roadmap Migration Strategy Disaster Recovery Information Strategy

Implement

Information Architecture Content Ecosystem System Integrations COE and COP Policies and Processes Automation Migration

Operationalize

eDiscovery and PII Per BU Workspaces Disposition Training Change Management

Use Automation and Workflows for Efficiency and Cost Savings…

© 2021 IQBG Inc. 28

Well Governed M365 Tenant

Compliant Information Architecture

Well Governed M365 Groups, Files, Sites and Teams

Policies and Governance

Change Management, Adoption and Training…

© 2021 IQBG Inc. 29

Digital Enablement Kick

Off

Stakeholder & Champions

Identification

Key Stakeholder Interviews

Stakeholder Analysis

CommunicationWorkshop and

Plan

Campaign Theme and Branding

Implementation Scheduled Alignment

Champions Engagement

PLANNING

Process & Product Training

CRM


BI

KNOWLEDGE / ABILITY

Process & Product TrainingTeams

OneNote


OneDriveSharePoint


Apps & Flow

Process & Product TrainingYammer

GO-LIVE

USAGE DATA

ADOPTION DATA

SUCCESS MEASURED

Coach & TrainCoach & Train

ADOPTION DATACoach & Train

Coach & Train Coach & TrainCoach & Train

Product Tips & Tricks /Cheat Sheets x #

ProjectAnnouncement

“Did you know”

“What it means to me”

AWARENESS \ DESIRE \ KNOWLEDGE

PilotBrown Bag Sessions

Product Information

“Applied” x #

Enablement ChampionsAwareness

Digital Enablement Roadmap

Reinforcement

What does the Journey Look Like?

© 2021 IQBG Inc. 31

ECRM Survey

0-6 Weeks

3-9 Months

6 Months & Beyond

Quick Start Assessments

(3 Weeks)

PlanningBlueprint

O365 SetupHLA *

InformationArchitecture

Per BUTransformation

CurrentState

Adoption, Training & Change Management

Programof Transformation

Roadmap

Rollout Completed

ContinuousCompliance

Prioritization& ROI

Evaluation

* Enterprise and/or Departmental HLA’s

Evaluation, planning and prioritization

Another Way to Look at It…

© 2021 IQBG Inc. 32

Catalog Governance

Attributes

Repeatable & Consistent

Admin Efficiency

Provable Compliance

Taxonomy & Classification

Retention & Disposal

Physical RecordsAudit & Reporting

Data Governance Records ManagementData Discovery Data Migration

Business InformationScan the content

Identify ROT&

duplicates

Remove duplicate

Data

Identify business

critical data

The changing landscape

© 2021 IQBG Inc. 33

There has been a substantial move in the information governance space over the past years

Create /Collaborate /

Content Management

Records Management

MicrosoftGoogle Apps

Etc.

OpenTextFileNetAlfresco

Etc.

Create /Collaborate/ Content

Management

Records Management

Software Platforms

Create /Collaborate /

Content Management /

Records Management

Long Term Archive

? ?

ALL OF THIS IS DRIVING: Importance of assessments Selection of platforms/technology Correct configuration and maintenance of

environments

WHY IS THIS HAPPENING? Compliance requirements– not just about

documents Blurring of lines between what is content and

what are records

(R)evolution of software platforms Licensing models Change in work/delivery model Collaboration expectation

Thank you!