Is How Your Organization Is Storing Content Causing Operational, IG, Audit, Regulatory, & Litigation Risk?

Is How Your Organization Is Storing Content Causing Operational, IG, Audit, Regulatory, & Litigation Risk?

This year an area of focus for operational improvement, information governance, legal departments, auditors, regulators, and, yes, those bringing lawsuits against your organization is how and where your employees are storing company information and unstructured content (emails, documents, photos, videos, spreadsheets, presentations, blueprints, maps, texts, voice mails, etc.) in their corporate email, personal email, network drives, data systems, ECM systems, collaboration platforms, cell phones, handheld devices, copy machines, and paper files. We find most organizations have 12 to over 25 different systems to store content, with each system’s ability to index, tag, search, associate, integrate, workflow, store, and retain/dispose of content being different – due to improper configuration (setup) or gaps in functionality.

Why should this concern you?

It will only take one major breach, lawsuit, penalty, audit finding, letter from the regulators, or court order to get the attention of your board, legal department, owners/shareholders, and the press.

What is at the root of the content management problem? In regards to physical records, organizations lost 2,000 years of records management strategies overnight when the PC was introduced. Before the PC, paper files were indexed and controlled; if you didn’t return the file, the records manager would hunt you down. Once closed, files were disposed of in accordance with their retention schedules. There was a process, rules, and governance in place for most organizations.

Today, with the explosion of the different types of electronic content, volume (5,000 to 60,000+ per user – content created, inherited, and received), the number of systems storing content, and the lack of consistent governance across platforms, there is a lot to worry about. (See Why should this concern you above).

Today, for the most part, individual employees are free to delete unstructured content as they wish, use naming/index conventions they like (e.g., smif.doc-890), and write over old versions. Compounding this problem are the 2 to 30 versions of content stored in shared network drives, the tens of thousands of emails saved per user, and the content stored in collaboration platforms. Add in, for good measure, the duplicate records held in the email archive and ECM/data systems (which many times may not be deleted in accordance with records retention/disposition schedules), and that’s a lot of unmanaged content.

Efficiency studies also show that employees will spend between 5 to 15% of their time finding, sorting, routing, and tracking documents. Hundreds of thousands – to millions of dollars are wasted each year.

How should your organization respond? Here is a 6-step plan.

1. Inventory your organization’s content management systems (email, external email, electronic content management systems/platforms, systems (including data systems) that store content, digital signature tools, workflow systems, collaboration platforms, and electronic records management systems.

2. Assess your organization’s readiness to respond to a content-requested internal or external search, audit, litigation, disclosure requests, and breach. Conduct a risk assessment. Review past situations that have occurred to your company and other organizations. Why? History repeats itself. Project what could happen in the future.

3. Identify the need to update, better coordinate, re-configure, and manage your content management system(s)/ platforms. Review current IG/records management program, policies, procedures, and retention/disposition schedules; and identify need to update.

4. Assess how to better use/configure your current content management systems/platform in place (e.g., M365, Google, Shared Drives, data systems, and other CM platforms) to improve efficiency, quality, and governance. We find many of these systems and platforms have historically been been rolled out incompletely, inconsistently, and do not fully support organizational and IG needs. Update your electronic IG/records content management program, policies, procedures, and schedules.

5. Conduct an enterprise-wide study to support the development of a well-thought-out electronic content management (ECM) and IG/RIM plan, including a deployment plan for workflow to improve efficiencies, policies on how to manage data systems in place, and proper use of compliance/records management retention/disposition modules. The plan should include the identification of priorities, costs, ROI, roadmap, stakeholders, and staff responsible for rolling out changes and ongoing tasks.

6. Get started ASAP. If you would like ideas on how to move forward, feel free to reach out to me. I am happy to discuss your organization’s current situation and provide feedback and assistance. Since 1995, we at CRE8 Independent Consultants have assisted hundreds of organizations with assessment of their existing content management systems, workflow deployment, digital transformation, and IG records/content management programs. We provide specific recommendations and actions for improvement. Best George Dunn, President CRE8 Independent Consultants.

I can be reached here through our contact form, by email at, or phone at 206-556-5958. Look forward to speaking.

Comments are closed.