This presentation, delivered virtually to the ARMA Chattanooga chapter on February 13, 2024, described the elements of a business assessment, a technical assessment, and a maturity assessment in support of an information management initiative.
20240213 ARMA GCAC Business and Technical Assessment for an Info Mgmt Initiative.pptx
1. How to Conduct a Business
and Technical Assessment for an
Information Management Initiative
Jesse Wilkins
President
Athro Consulting
ARMA Greater Chattanooga
Area Chapter
February 13, 2024
3. Agenda
Elements of a
Business Assessment
Next Steps
Elements of a
Technical Assessment
Elements of a
Maturity Assessment
4. “If you don’t know where you’re going, any road will take you there.”
-- Lewis Carroll (ish)
5. “If you don’t know where you’re
going, you might not get there.”
-- Yogi Berra
6. Agenda
Elements of a
Business Assessment
Next Steps
Elements of a
Technical Assessment
Elements of a
Maturity Assessment
7. What do you need to know before you can
begin a successful records management
initiative?
ⓘ Start presenting to display the poll results on this slide.
13. Complete Key
Assessments
• Document processes
• Review and document
key activities related to
IM processes
• Review and document
key activities related to
information-centric
business processes
• Deliverables - high level
process documents
reflecting current state
15. Complete Key
Assessments
• People skills and organizational
structure
• Determine if the team and
organizational structure is in place
to deliver or support the project
• Roles identified and built out
• People placed in those roles
• People trained to be able to
execute those responsibilities
• Deliverable - skills capacity
document or skills matrix
17. Where do you get all this information?
ⓘ Start presenting to display the poll results on this slide.
18. Information Gathering
• Review existing
documentation
• Governance
• Process
• Talk to stakeholders
• Talk to the people doing the
work
19. Agenda
Elements of a
Business Assessment
Next Steps
Elements of a
Technical Assessment
Elements of a
Maturity Assessment
20. Technical
Assessment
• Current state
• Identifies any limitations,
assumptions, or dependencies
• Example: moving everything to cloud
• Example: multinational with data
sovereignty concerns
21. What do you need to know about your
existing technology environment?
ⓘ Start presenting to display the poll results on this slide.
22. Review Applications
• Identify all technology solutions
in the organization that create,
store, or manage records and
information
• Enterprise
• Business unit
• Departmental
• Stand-alone/end-user
• Integrations
23. Review Application
Functionality
• Which systems create, store,
or manage information
• What types of information
they store, e.g., personal,
sensitive, records
• What functionality they
provide, e.g., retention, legal
holds
• The stage of the system
lifecycle
• Ownership
• Deliverable - current-state
application portfolio
24. Other Considerations
• Data structures and formats
• Usability issues
• Stage in technology lifecycle
• Vendor/channel support
• Costs to maintain vs. replace
25. Complete The Technical Assessment
Document the major technology
risks and constraints
Identify:
Impact to the project or organization
How to mitigate the risk
Probability of occurring
Technical risk
Probable cost
26. Complete The
Technical
Assessment
• Outline the business and
technology capability
timeline for deployment
• Can a portion of the
project be begun
now?
• Is an RFP to be issued
to address missing
functionality?
27. Agenda
Elements of a
Business Assessment
Next Steps
Elements of a
Technical Assessment
Elements of a
Maturity Assessment
28. The Maturity Assessment
• A maturity model can be a useful tool
• Help you determine where you are now
• Provide a framework to prioritize actions
• Define what improvement means to the
organization
• Based on industry best practices
• Often developed/delivered by trusted
third parties
• Numerous maturity models available
29. NARA Maturity Model
• 5 domains:
• Management Support and
Resourcing
• Policies
• Systems
• Access
• Disposition
• Questionnaire available at
https://www.archives.gov/records-
mgmt/resources/reporting
30. ARMA’s The Principles® Maturity Model
• Eight domains:
• Principle of Accountability
• Principle of Transparency
• Principle of Integrity
• Principle of Protection
• Principle of Compliance
• Principle of Availability
• Principle of Retention
• Principle of Disposition
• Available from ARMA bookstore; see also
https://www.arma.org/general/custom.asp?page=Prin
ciplesMaturityModel
31. Agenda
Elements of a
Business Assessment
Next Steps
Elements of a
Technical Assessment
Elements of a
Maturity Assessment
32.
33. IG/IM/RM Maturity Models
• State Records of South Australia Self-Assessment Tool
• Western Australia Information Management Maturity Model
• Queensland Government Recordkeeping Maturity Assessment Tool
• PROV Information Management Maturity Measurement Tool
• New South Wales Information Governance Agency Self-Assessment
Tools
34. IG/IM/RM Maturity Models
• Archives New Zealand Information Management Maturity
Assessment
• UK National Archives Information Management Assessment
Programme
• Scottish Parliament Records Management Maturity Model
35. IG/IM/RM Maturity Models
• Many consultants and vendors have their own models
• IBM CGOG Information Governance Process Maturity Model
• Gartner Enterprise Records Management Maturity Model (clients only)
• Gartner Enterprise Information Management Maturity Model (clients only)
• ACC Records Management Maturity Model (members only)
36. For More
Information
Jesse Wilkins CIP, CIPP/US, CIPM, IGP, CRM, ICE-CCP, AIIM Fellow
President and Principal Consultant
Athro Consulting
jesse.wilkins@athroconsulting.com
@jessewilkins
https://www.athroconsulting.com
Editor's Notes
Why this – why now?
- Urgency caused by legal or regulatory issue?
- New leaders or personnel in place that “get it”?
Balance the needs of users with needs for information management across organization
Prioritize needs and align with overall business objectives
- How will the program support better business outcomes, not just compliance and risk?
Type of organization
- Public vs. private sector
- Publicly traded vs. privately held
- Geographic and jurisdictional scope
- Size – revenues, number of locations, number of employees
Organizational culture
- Tolerance for risk
- Command and control vs. decentralized
- Willingness or resistance to change
- In-person vs. hybrid vs. remote
- Adaptability and approach to technology
Statutes, regulations and case law
Voluntary codes of conduct/ethics
Organizational rules and procedures
Community expectations
Example: Privacy
How does information come into the organization?
How is it created?
How does it flow through the organization?