January 5, 2016

ARMA Recommends Federal Information Governance Rules Changes

5 minute read

A recent post from ARMA espouses the importance of the U.S. federal agencies properly addressing records and information governance rules concerns earlier in the development process. As we've written before, a proactive approach to information governance is critical. ARMA International President Peter Kurilecz wrote a letter in fact, to the U.S. Office of Management and Budget (OMB). This was in response to proposed revisions to the government's rules concerning information governance rules.

An excerpt from the letter reads: "RIM has a very important role to play in helping agencies impose discipline and holistic information governance within agency information resources in order to ensure transparency, accountability, and accessibility, and to ultimately preserve government records and our national heritage." This statement helps to clarify ARMA's stance on the necessity of proper information governance rules within all areas of the federal government.

Additionally, President Kurilecz proposed the following 9 recommendations to strengthening section 5 of Circular No. A-130:

  • Consider the addition of a safeguard within paragraph (d) of “Strategic Planning” (line 299) that includes records accessibility, availability, and transfer when a system is upgraded, replaced, and disposed of. An ever-expanding challenge of data governance is to ensure that information assets are not inadvertently lost or made inaccessible as technology and systems evolve. Federal information should not be put at risk as a result of a change in information technology.
  • After paragraph (d) of the “Strategic Planning” part of “Planning and Budget” (line 302), ARMA proposes the addition of a paragraph ensuring that all resource planning and management activities consider RIM requirements throughout the system development life cycle.
  • Within paragraph (b) of “Planning, Programming, and Budgeting” on line 327, ARMA proposes that the senior agency official for records management (SAORM) be included in the list of agency leaders responsible for the planning, programming, and budgeting stages for programs that includes IT resources. This is consistent with private sector best practices in the information management business process because it rightfully establishes records management as a major stakeholder and key player to help manage information.
  • Add the word “records” on line 376 after “data” so that the sentence reads “d) Data, records, and information needs are met through agency-wide data governance policies…” In order to ensure accessibility, transparency, and privacy, it should be a best practice to include records management responsibilities within agency policies at this strategic level. Information and records needs and assessments should not be isolated from each other.
  • Under “Leadership and Workforce,” ARMA recommends adding a paragraph requiring the assignment of clear and documented roles and responsibilities to qualified personnel for the conduct of RIM processes, which include the inclusion of information governance responsibilities in written job descriptions and in policies and procedures setting forth responsibilities and reporting chains, appropriate delegation of authority for transparency, and other records and information governance processes.
  • Regarding the acquisition strategies or acquisition plans (f) within “IT Investment Management,” ARMA recommends an addition to item vi, line 465 in order to highlight the importance of the accessibility of information and records when software and systems are replaced, migrated, or retired. Such a safeguard might include a statement that compels the “consideration of the records management and archival needs of agency information contained in such systems” within acquisition strategies and plans.
  • Within paragraph (n) of the “Investment Planning and Control” part of “IT Investment Management” (beginning on line 537), ARMA recommends that the RIM functions and retention requirements be incorporated “as early as practical” in systems development. In addition, ARMA urges that recordkeeping shortcomings also be identified early in system development, and that RIM concerns be addressed before old systems are discontinued. This can reduce the cost of implementation and ensure that records on legacy systems are preserved.
  • Under Records Management (g), in the paragraph beginning on line 618, ARMA recommends that responsibility for the success of an agency’s RIM program should be written into the job description of the SAORM. Further, the SAORM should be compelled through such a requirement to be actively engaged in the agency’s RIM program and its promotion and enforcement. In addition, the SAORM should have direct knowledge and awareness of potential risks to the organization related to records and information governance issues.
  • Under Records Management (g) of “Planning, Programming, and Budgeting” after line 629, ARMA proposes an additional paragraph that would ensure involvement of the SAORM early in system development and would formalize inclusion in the agency systems development lifecycle process review by requiring the SAORM’s approval prior to implementation of new systems or information management services. Such a paragraph could help an agency ensure that all requirements for the governance of information are being met before lifecycle processes are put into place.

The OMB is now taking these and all recommendations under consideration and will revise the policy as they deem necessary.

Receive News Updates As Soon As They Happen