Meeting NARA Compliance with Your ERM System

In August of 2017, National Archives and Records Administration (NARA) took the next leap in its Federal Electronic Records Modernization Initiative (FERMI), designed to proactively develop policies and improve processes for the transition to a fully digitized government, by releasing its Universal Electronic Record Management (UERM) requirements. Whether your firm has a current electronic record management (ERM) system in place or has yet to digitize, a thorough evaluation of your current enterprise content management tools and procedures may be in order to ensure they are not only secure, cost-effective and efficient, but also NARA compliant.

Intended to give federal agencies standards by which records management staff and IT departments can design a compliant ERM process, the UERM requirements offer high-level guidance for procuring system tools and services and for managing documents throughout their lifecycle. NARA’s goal is to ensure all federal agencies are prepared for the Managing Government Records Directive 2019 timeline for electronic conversion, while making the transition as user-friendly and cost-efficient as possible.

While the Universal ERM Requirements are intended for government agencies, NARA’s guidelines can help organizations in any sector evaluate and identify the best ERM strategies and can assist vendors in developing capabilities for their tools. The document lays out a total of ninety-four requirements in two categories: lifecycle and transfer format. “Lifecycle” guidelines provide firms with both necessary and suggested process requirements that enable ease of document capture, efficient maintenance and use, compliant disposal, legal record transfer, accurate metadata inclusion and accessible reporting for analysis. “Transfer” regulations then dictate the proper format for a variety of file types including digital audio recording, photographs, text records and more.

While the UERM document simply offers a high-level overview and does not dictate the necessary level of automation, the requirements can be effective in guiding businesses and federal agencies in the development a customized ECM strategy that is right for individual operational needs and meets unique industry regulations. Agency record officers and IT departments can determine what combination of manual process and automation technology they will utilize for success.

When implementing a new ERM process or evaluating an existing one based on NARA compliance, taking the following steps into account to develop a reliable method for organizing content and leveraging available tools and features:

  1. Simplify: Review the UERM requirements and define a simplified list based on your unique agency requirements.
  2. Analyze: Familiarize yourself with the environment and capabilities of your existing platform.  Take into account not only current features, but also future upgrades. Microsoft Office 365, for example, constantly adds new tools such as Governance features. Analyze your business’s use of these features to make sure they are utilized properly by all staff and to their full potential.
  3. Prioritize:  Once you have evaluated your current systems abilities and shortcomings, develop a list of priorities for improvement. NARA’s UERM document has included “must have” and “should have” tags on each process or capability, which should make identifying your priorities an easier task. Then address these systems in order of importance taking into account cost, risk and benefit.
  4. Integrate and Enhance: Incorporate new requirements as needed throughout the systems development life cycle. These implementations can be achieved with the addition of native components and add-ons or though integration with third-party repositories.To enhance and customize system functionality, consider out-of-box add-on apps, such as those found in Office 365 AppSource.

    Evaluate the benefits of client side versus provider hosted apps. When utilizing O365 and SharePoint, integration and information management experts such as Gimmal and Avepoint can work with your business to ensure your customizations are secure and scalable.

    Weigh the pros and cons when considering the integration of a third-party ECM solution. Many third-party systems come pre-configured and have more intuitive user interfaces designed with records managers in mind.  They can provide additional functionality including retention schedules, plan development, additional security layers, enhanced audit capabilities, robust reporting, disposition workflows, rules engines and more. But, keep in mind third-party ERM systems require additional costs for implementation, maintenance, training and support.

  5. Monitor: Define a specific set of criteria to evaluate the success of your implementations and audit for improvement.
  6. Decommission: Develop a plan to decommission legacy systems to facilitate a smoother transition to your new system and ensure no data is lost.
  7. Repeat: As you continue to add, upgrade or replace systems, repeat these steps to monitor functionality and compliance.

While there is still much progress to be made in the transition to a fully digital government landscape with standardized ERM policies, NARA’s UERM document provides a good place to begin. With the proper evaluation, tools, implementation and training, agencies can not only enforce policies and develop systems for compliant records management, but also implement flexible, customized ECM solutions to achieve business success.