How should you build a strategy to address corporate archiving?
Here’s a task checklist I propose, to ensure you have all bases covered.
Setting Archiving Strategy: A Nine-Step Plan
Industry. What industry is your organization in and what regulations ( Fed, state, local) have impact? Here you can rely on inside experts (legal or compliance) or hire outside experts. Also talk with colleagues in similar industries.
Scope of Information. Determine the types of information to be archived, taking inventory of all the data types that are managed. Organize by the information by application type, data format, amount of data, location of data, etc.
Business Records. Identify your business records. These are likely to become apparent during the preceding two steps.
Retention Period. Determine how long each type of data should be kept.
Data Collection. This step begins the actionable piece of data archiving. Key questions that should be addressed are:
- How do we capture data with minimal disruption to the source?
- Do we move the data or make a copy?
- At what rate do we capture data? Continuous or periodic?
- In what format do we store data? Original format or something else?
Repository Design. How is the archive repository designed? Is it centralized or distributed? General disk storage or specialized disk (e.g. WORM, Encrypted) storage? How much storage do we need? Can the storage be easily expanded for future growth?
The End User. Important issues to consider are training, compliance, security and self-service access.
Legal Discovery. Legal will be the key user of the archive repository. How do they access the information, self service? How fast? What controls do they have for legal holds, adding metadata, tags, etc. Do they have sophisticated tools to gather all data for a single employee (custodian). What are the search tools? Fuzzy search, or simple Boolean? How do they receive the results? Can they package in a container for upload to other legal systems?
Audits and Security. What measures should be put in place to ensure no one is misusing the archive? How can people searching confidential information be identified?