the principles
Download
Skip this Video
Download Presentation
THE PRINCIPLES:

Loading in 2 Seconds...

play fullscreen
1 / 24

THE PRINCIPLES: - PowerPoint PPT Presentation


  • 119 Views
  • Uploaded on

THE PRINCIPLES:. Compliance. Presented by: Marty McNulty, ARMA Board Member. One Reason to use The Principles.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' THE PRINCIPLES:' - huslu


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
the principles

THE PRINCIPLES:

Compliance

Presented by:

Marty McNulty, ARMA Board Member

one reason to use the principles
One Reason to use The Principles
  • New regulation of Dodd-Frank mandate new enforcement for financial, credit, investment and other organizations such as Energy Companies, Electric and Gas utilities, Chemical, Mining and Mineral, Airlines, Agribusiness, and Consumer Products.
  • Information Management, Pulzello, Fred and Bhavsar, Sonali, November 2011.
dodd frank act
Dodd-Frank Act
  • Focus on Information Governance
  • ECM Capabilities
  • Management Tools

“Dodd-Frank’s “Title VII-Wall Street Transparency and Accountability” emphasizes the principles of accountability and transparency for recordkeeping”.

  • Information Management, Pulzello, Fred and Bhavsar, Sonali, November 2011.
the principles1
The Principles
  • ARMA International’s Governance Maturity Model
  • Purpose: Provide a solid foundation for an Information Governance Structure
  • Objective: Ensure companies are meeting their operating needs, legal and regulatory obligations.
the principles2
The Principles
  • 1. Accountability
  • 2. Integrity
  • 3. Protection
  • 4. Compliance
  • 5. Availability
  • 6. Retention
  • 7. Disposition
  • 8. Transparency
how can adopting garp principles help an organization in legal matters
How can adopting GARP principles help an organization in Legal matters?
  • Adherence to the PRINCIPLES indicate how an organization is on top of its statutory and regulatory recordkeeping requirements. Overarching all this is the Principle of Compliance, which means that organizations must be sure that they are complying with recordkeeping and overall information governance requirements. In terms of “Legal matters,” compliance with The Principles should mean that the organization has a RIM program that is legally defensible, including the all-important Legal Holds policy and procedures to avoid sanctions for spoliation (i.e., the wrongful destruction of documents or evidence).
  • John Isaza is a California-based attorney and founding partner of the HowettIsaza Law Group, a law firm that specializes in electronic information governance, records management and overall corporate compliance.
compliance
Compliance:

The recordkeeping program shall be constructed to comply with applicable laws and other binding authorities, as well as, the organization’s policies.

compliance1
Compliance
  • It is the duty of every organization to comply with applicable laws, including those maintaining records. An organization’s credibility and legal standing rest upon its ability to demonstrate that it conducts its activities in a lawful manner.
  • The absence of and/or the poor quality of records may impair or jeopardize a business’s right to conduct business.
compliance2
Compliance

Duty:

  • 1. The recordkeeping system must contain information documenting that the organization’s activities are conducted in a lawful manner.
  • 2. The recordkeeping system is subject to legal requirements (i.e. tax, environmental, engineering, etc.).
steps to achieve compliance
Steps to Achieve Compliance
  • Step One: Identify the Key Stakeholders
    • Compliance – Legal and regulatory agencies and their associated staff members.
    • Legal – understand the firm’s litigation profile
    • Information Technology – understand technology infrastructure of the firm.
    • Risk Management
    • Business Unit Line Managers
steps to achieve compliance1
Steps to Achieve Compliance
  • Step Two: Gather Existing Information
    • Policies and Procedures
    • Data Maps
    • Functional Workflows
steps to achieve compliance2
Steps to Achieve Compliance
  • Step Three: Define Desired Compliance Outcome and Criteria
    • Use five level grading criteria
      • Substandard
      • Indevelopment
      • Essential
      • Proactive
      • Transformational
steps to achieve compliance3
Steps to Achieve Compliance
  • Step Four: Identify Gaps between Current and Desired Compliance Criteria-Practices
    • Use the Principles Assessment Tool
    • Conduct a Gap Analysis
    • Establish Benchmarks and/or Set Criteria
steps to achieve compliance4
Steps to Achieve Compliance
  • Step Five: Prioritize Gaps to be addressed
    • List Gaps and set priorities
    • Make them simple and clear
steps to achieve compliance5
Steps to Achieve Compliance
  • Step Six: Develop a Roadmap to the Desired Compliance Criteria/Practices
    • Determine the actions to take along a timeline to reach the desired Compliance State with the new Criteria/Practices
    • Identify/assign resources to deliver action items.
steps to achieve compliance6
Steps to Achieve Compliance
  • Step Seven: Develop a Roadmap to the Desired Compliance Criteria/Practices
    • Determine the actions to take along a timeline to reach the desired Compliance State with the new Criteria/Practices
    • Identify/assign resources to deliver action items.
steps to achieve compliance7
Steps to Achieve Compliance
  • Step Eight: Deliver New Criteria and Audit Reporting
    • Setup a Compliance auditing tool with the new criteria
    • Schedule an audit annually and measure against previous year’s compliance.
    • Report Compliance Grade and Findings
    • Submit Recommendations to close gaps and address findings.
maturity model for information governance
Maturity Model for Information Governance
  • Level 1 – Substandard
  • Level 2 – In Development
  • Level 3 – Essential
  • Level 4 – Proactive
  • Level 5 - Transformational
  • Maturity Model can be found on ARMA website at: http://www.arma.org/r2/generally-accepted-br-recordkeeping-principles/metrics/metrics-compliance
maturity model
Maturity Model
  • Level 1 (Sub-standard): This level describes an environment where recordkeeping concerns are either not addressed at all, or are addressed in a very ad hoc manner. Organizations that identify primarily with these descriptions should be concerned that their programs will not meet legal or regulatory scrutiny.
maturity model1
Maturity Model
  • Level 2 (In Development): This level describes an environment where there is a developing recognition that recordkeeping has an impact on the organization, and that the organization may benefit from a more defined information governance program. However, in Level 2, the organization is still vulnerable to legal or regulatory scrutiny since practices are ill-defined and still largely ad hoc in nature.
maturity model2
Maturity Model
  • Level 3 (Essential): This level describes the essential or minimum requirements that must be addressed in order to meet the organization\'s legal and regulatory requirements. Level 3 is characterized by defined policies and procedures, and more specific decisions taken to improve recordkeeping. However, organizations that identify primarily with Level 3 descriptions may still be missing significant opportunities for streamlining business and controlling costs.
maturity model3
Maturity Model
  • Level 4 (Proactive): This level describes an organization that is initiating information governance program improvements throughout its business operations. Information governance issues and considerations are integrated into business decisions on a routine basis, and the organization easily meets its legal and regulatory requirements. Organizations that identify primarily with these descriptions should begin to consider the business benefits of information availability in transforming their organizations globally.
maturity model4
Maturity Model
  • Level 5 (Transformational): This level describes an organization that has integrated information governance into its overall corporate infrastructure and business processes to such an extent that compliance with the program requirements is routine. These organizations have recognized that effective information governance plays a critical role in cost containment, competitive advantage, and client service.
in summary

In Summary

Compliance is the umbrella of all of The Principles. All firms are legally responsible to perform recordkeeping practices that are legally defensible and responsible. This level of compliance can be achieved by using

The Principles.

ad