• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

Manage your records – Manage your risks

November 8, 2013 by Secure360 and UMSA

Composition of documentsWith new types of media, formats and locations to store information and technology, records management is no simple task, and it gets more complicated all the time. Text messages, wikis, blogs, instant messages, emails and social media are all types of records that need to be managed in today’s changing workplace.

With the volume and variety of records ever-increasing and budgets staying the same, records managers need to find a model of records management execution that can meet legal and regulatory demands while keeping costs down. Many companies are overwhelmed, but setting boundaries about what can reasonably be managed on a small budget is a risky way to handle records management without a solid plan.

A risk based approach

Records managers need a simple and clear way to identify areas where more risk is probable based on critical factors that affect the company and put an emphasis on effort levels in those areas first. With an overwhelming ocean of records, prioritization is key to keeping them all managed on a budget.

Step one: Define risk

To get the best effect, records managers need to make sure they understand overall company risks and defining their own risks based on the overall objective for the larger organization. Records managers should consider legal risks, regulatory risks, financial risks, operational risks and reputational risks.

Step two: Prioritize

Put your risks in order of priority. Seems obvious, but it’s an important step in deciding where to focus the most energy and money. What is the probability that each risk will come to fruition, and if they do, how detrimental the outcome?

Step three: Mitigate risk

Each identified risk needs to have a mitigation plan in place. Understand which set of records corresponds with each listed risk and create a plan with specific procedures to follow in order to mitigate that risk. Create controls around each risk that may be in the form of policies or automated system. What controls you put in place for each risk and how you implement them will depend on where it falls on the priority list and your available resources. Don’t create an unrealistic plan, airtight in a perfect world but impossible to actually follow through with.

Step four: Assess and reevaluate

Steps one through three represent a lot of work, but that’s just the planning phase. Records managers need to measure the effectiveness of the plan, make sure it’s working and adjust policies and procedures along the way. Putting tracking mechanisms in place as you go will help to measure overall effectiveness of the program as well as show results to executives who have control over the records management budget!

Taking a risk-based approach to records management will help prioritize workflow and manage resources. The records management industry is growing and changing quickly; it may feel like the Wild West, but our approach to the changes must be systematic and thoughtful.

Filed Under: Business Continuity Management, Physical Security, Cybersecurity, Professional Development, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Secure360 Conference
    Secure360 Conference: Spots are filling fast & you don't want to miss these benefits! Register as a #Secure360 sponsor to show off the la… https://t.co/aqNcbZ25Ek
    about 2 days ago

  2. Secure360 Conference
    Secure360 Conference: Really interesting read from our Diamond #sponsor, @Cisco! Learn how to build #resiliency through a year of change https://t.co/GTWe6a0W3A
    about 2 days ago

  3. Secure360 Conference
    Secure360 Conference: We are partnering with @cioreview for #Sec360 coming up on May 11-12, 2021. #CIOReview is a technology magazine tha… https://t.co/RD0vKU5Vrn
    about 2 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.