InfoTechWhitePapers

A Practical Guide For A Records And Information Management (RIM) Risk & Control Framework

Every professional association and analyst survey or benchmark report that measures the health of Records and Information Management (RIM) or Information Governance (IG) programs come to the same conclusion: organizations have ...


Records and Information Management (RIM) Risk & Control Framework
Published By - hitechnectar

PROVEN PRACTICES. NEW THINKING.
ALL IN ONE RESOURCE.

Every professional association and analyst survey or benchmark report that measures the health of Records and Information Management (RIM) or Information Governance (IG) programs come to the same conclusion:

Organizations have invested in RIM programs (95% of companies with more than 2,500 employees per the Cohasset/ARMA Benchmark Survey) yet only a handful can be confident that their lines of business are compliant with all aspects of RIM policy.

The burden of monitoring compliance has outgrown the capabilities of RIM staff; there is too much information created every day in myriad business units around the globe, the majority of it by technology, for them to be confident about its management. While this is true for all industries, it is especially problematic for highly-regulated industries because of the significant demands and scrutiny that you face.

The most pragmatic solution to the challenge of measuring compliance is to engage the lines of business in a self-assessment exercise. The RIM Risk & Control Framework presented in this guide suggests a set of RIM Controls that can be standardized to suit your organization’s risk profile for distribution to all of your lines of business. With guidance and instruction from your Records and Information Management team, a line of business managers must represent their ability to satisfy a control by ranking themselves.

While the tendency may be to overstate one’s capabilities, the respondents should be encouraged to be as accurate as possible to allow for remediation, with no repercussions, unless an egregious violation to policy is reported.
Take advantage of this guide to:

  • Institute the Framework as a self-rating tool
  • Use resulting RIM Risk scores to rate lines of businesses and geographies
  • Reconcile Controls with or map to, any existing corporate controls
  • Act as a second line of defence when working with both internal and external authorities
  • Update RIM Policy
  • Supplement key awareness sessions regarding audits

You May Also Like to Read-

KuppingerCole Report- LEADERSHIP COMPASS
5 Steps to Good Governance

Add Comment

Click here to post a comment

one × 2 =

Download the complete Resource:

I would like to receive communications from HiTechNectar and consent to the processing of the personal data provided above in accordance with and as described in the privacy policy.


Translate »
Social media & sharing icons powered by UltimatelySocial