NewsDude

A recent study presents a new framework for records managers to assess risks in two dimensions -- risk probability and risk impact -- and offers guidance for risk-treatment measures. Traditionally, assessing risks applicable to records management has not been perceived as a priority for managers. These risks can vary, ranging from minor human error or system failure to more systemic problems and major natural disasters that can lead to heavy loss and even corporate failure.
Natural disasters are probably the most neglected environmental threat to records, despite the fact that organizations that suffer major natural disasters frequently don't recover. However, the most common source of threat to records is people -- especially employees who are unaware of which records need protection or how they should be protected.
With the move to electronic records, different kinds of man-made risks have emerged: passive and active intrusion and sabotage. As in the case of natural disasters, many organizations that are sabotaged never recover.
A June 2006 Inside Counsel article, "The Meta Monster," provides some examples of other potential disasters stemming from human error. One is the unintentional release of privileged information contained in the metadata of distributed or shared electronic files created in commonly used software, such as Microsoft Word. Unless a Word document, for example, is "scrubbed" to remove metadata (through steps detailed on Microsoft's Web site), anyone who has access to it potentially can discover embedded comments, revisions, and "hidden" data with just a few mouse clicks.
Further, an article in the April 2005 Records Management Journal, "Management of e-mails as official records in Singapore: a case study," focused on risk management in e-mail communication and pointed out that many senior executives were unaware that e-mail presented liability risks to a company when not properly stored and archived.
Meanwhile, the increasing pace of technological change poses...

More...