Summary of MGI Policy Renewal Consultations, August 30, 2006

Managing IM in the Context of Program Delivery

Senior management must provide three elements to support IM policy implementation: clear direction and objectives, tools and resources, and incentives.

Much greater direction is needed from the Treasury Board Secretariat (TBS), with Deputy Ministers (DMs) involved. Program Heads must understand the program's business needs and IM's benefits for the business. They need to know how to determine which records to keep, work from an IM perspective, and comply with legal and policy requirements. They should also be mindful of issues such as storage space, migration, and access to information.

Resource requirements and availability are key issues for Program Heads, in terms of upgrading infrastructure as well as implementing IM policy. Other issues are ability and guidance to manage information and the new technology. Therefore, tools must be user-friendly and meet user needs, new obligations must come with the necessary resources, and IM and Information Technology (IT) must emphasize relationship building with one another.

Incentives include value added to the business process; greater communication, education and training for all managers and staff on IM technology and policy as well as how to incorporate IM in the business process; and realistic implementation in terms of the behavioural and cultural change involved. Performance-based evaluation should allow room for growth, improvement, and continual evolution, monitoring, and auditing.

Management of E-records

Automation has often fallen short of expectations. Without first automating IM program requirements, departments often prematurely eliminated secretarial and other support staff positions that were handling those requirements. At the same time automation eliminated existing robust records managements systems. Managers and program delivery officers were then expected to manage information without proper tools or a good understanding of their obligations. As a result, there is currently a great deal of information stored in emails, hardcopy files, shared folders, and personal folders, making it very difficult to find information.

Programs now recognize the need to return to fundamentals, and the importance of ensuring that automation gives value added to business processes. With respect to the management of e-records, the program level must do the implementation, with the enterprise level providing technical support. However, guidance and direction must come from a higher level.

Every department is facing the challenge of having to scan numerous hardcopy documents. One suggestion is to keep records that only include titles and references to indicate where the documents can be found.

Risk Management

Programs must prioritize IM needs with other requirements. Legal requirements come first, followed by policy requirements, then operational requirements. Program Heads must clearly understand the policy and direction. They also need tools, an accountability framework, and consequences. Departing staff should be required to remove all personal information and leave behind corporate records.

Risk management relates to how to market or "sell" IM to an organization. Organizations should present IM as part of their business and as an integrated solution that helps managers fulfill operational requirements more effectively as well as meet policy and legal objectives. IM needs to be a visible part of the corporate profile. It must continue to fulfill requirements and undergo ongoing assessment

IM solutions must become more user-friendly. Managers must see their value added, how they help people do their jobs better and use information better, facilitate information exchange for collaborative work, etc.

Behavioural and cultural change is needed. Employees need training on both the software and its use in the context of the program's business. IM staff who know the business are better positioned to find IM solutions. Business and process owners should also know how to solve problems via IM.

Duty to Document

Organizations need clear implementation-level guidelines. TBS must provide basic guidelines on what to document, and organizations must make organization-specific decisions, incorporating legal requirements and risk management up front. The ability to recover a document is critical. Organizations must also consider the risk of abuse in delivering the programs.

Documents that explain a significant decision, including online consultations and BlackBerry messages, must be kept, especially those involving impact on the public. However, a draft sent out for comments may later be shredded or so dramatically changed that keeping it poses a risk of potential damage. To avoid information overflow but ensure needed information is retained, the cut-off must be clear.

Organizations need ongoing assessment of the decision to document and the context of that decision. Senior management must identify the level of responsibility. All levels require clear guidance, communication, and assessment methods.

The five-year plan should be an aggressive plan that is done intelligently, without overreacting to the recommendations of the Gomery report. Managers must ask whether automation is necessary and how best to automate each task.

Program Heads asked whether the government archival mechanism should be done collectively via joint partnerships.

Consequences for Non-compliance

Consequences should be clear and specific at every level, and applicable to TBS as well.

TBS must give departments sufficient implementation time before applying consequences, and it should be aware of the risk of overreaction to avoid consequences.

Departments need a clear implementation plan. It should specify a point in time to begin retaining records, provide instructions for dealing with older records, and consider the cost and usefulness of different types of information when determining which records to retain and their retention schedules.

All departments should use a performance-based approach with clear guidance and standards on applying consequences. Tying compliance to employee performance evaluations may not be effective. An effective consequence would be to remove the responsibility and authority for IM from the non-complying department. TBS should bring in an outside body to manage IM and the department should bear the entire cost. TBS should also provide the department with a more prescriptive approach on staff training and other IM-related functions.

Departments should review item 7.2 in the Draft Policy. The issue of taking action to "suspend Disposition Authorities" needs further discussion.

Also emphasize incentives and rewards, such as showcasing, documenting best practices, and offering opportunities for training and sharing. Look to human resources and financial management for additional ideas.