Challenges in digital information management
Taking a proactive approach can improve the accessibility, authenticity, accuracy, and efficiency of information management.
Challenges in digital information management
Information Management (IM) is the ‘planning, collection, control, distribution and exploitation of information resources within an organisation, including systems development, and disposal or long-term preservation’.
AS ISO 5127:2017, section 3.2.1.23
Information management (IM) is the process of planning, collecting, controlling, distributing, and using information resources within an organisation. This includes developing systems and deciding how to dispose of or preserve information long-term.
Effective information management means planning, designing, and putting in place processes and structures to handle information from its creation to its destruction or preservation. However, the world of digital information management is always changing, so it’s important to keep adapting.
Digital information can be stored on-site, outsourced, or is cloud-based, and it comes in different formats and uses various applications and systems. Over time, some of these formats and systems can become outdated. Therefore, ongoing monitoring, evaluation, and upgrades are necessary to tackle information challenges.
Taking a proactive approach can improve the accessibility, authenticity, accuracy, and efficiency of information and data.
Common issues
Common issues associated with managing digital information include:
- Outdated systems: Regularly update systems and applications to keep them current.
- Data accessibility: Ensure that information is easy to access for those who need it while keeping it secure.
- Data accuracy: Use checks to verify the accuracy of information regularly.
- Overload of information: Develop clear guidelines on what information to keep and what to discard to avoid retaining unnecessary information.
- Integration issues: Ensure that new systems work well with existing ones to improve workflow.
- Cultural resistance: Foster an organisational culture that values effective information management and encourages training.
A combination of these solutions may be needed, or perhaps only 1 or 2 will suffice.
Consider how these strategies will impact:
- the organisation’s culture
- the systems and technology in place
- financial limitations
- potential risks and implications for the organisation
By addressing these challenges, organisations can enhance their information management practices and improve overall efficiency.
Tips for identifying inefficient information management practices
Some users are still using old systems to double-check information. This might be because they don’t trust the new systems, or because some of the data didn’t fully move over from the old system.
There hasn’t been a clear decision about when to stop using the old systems. When tasks or responsibilities shift from one agency to another, it’s considered an administrative change.
Suggested solutions:
Review how users are using the old system: Look at how users are interacting with the old system to figure out what information they still need. This can help when talking with the business about when to stop using the system.
Before moving to a new system: Before switching to a new system, make sure you know what records, information, and data are necessary for ongoing business operations. Include enough details about the data (called metadata) when planning the migration and making decisions about the new system. This will help make sure that the data is trustworthy and properly transferred.
If the old system can’t be stopped yet: If the old system can’t be turned off, create a plan to manage it. This should include how to monitor and review it. Regularly get rid of outdated records or send them to Museums of History NSW, as required by law. Remove any unnecessary duplicates of records following normal administrative procedures (NAP) under the State Records Regulation. Also, create policies to guide staff on when and how to use the old system.
If the system is no longer being used: If the old system is inactive or no longer being used, check with legal, governance, ICT, and business units to see if it's possible to officially turn it off. If the data is still needed, look for ways to move it to new storage, either online or offline.
Example: The growing use of different business platforms and apps is making it harder to track, monitor, share, and store information properly.
Staff use various systems, like Microsoft 365, Jira, Confluence, Slack, social media, and email. They save information on different places, such as their desktop, shared drives, or cloud systems like SharePoint.
Suggested solutions:
Know what information is needed and where it is stored: Understand what information is important for delivering services and where it is located. Be clear about how long you need to keep the information and when it should be thrown away.
Make sure everyone understands important business processes: Make sure the team knows what information is needed for high-risk or high-value (HRHV) business tasks. Set up strong rules for managing this important information.
Create a list of where information is stored: Keep a record of where all information is saved, as part of your information asset register. This helps you stay organised.
Stay updated on system changes: Keep an eye on any updates or changes to systems so you know how they might affect business and information flow. Monitor the use of new systems or apps and make sure you manage any changes that affect information.
Use tools to bring information together: Set up tools or processes that collect the information needed for decision-making or client management. This will help reduce duplication of work and information. If possible, try to combine information from different systems.
Avoid separate data silos: Don’t let data get stuck in different systems where it can’t be easily accessed or shared.
Create clear rules for using different platforms: Set rules for how to use different platforms and store information. Teach users the best ways to label and organise records so information is easy to find and manage.
Example: Staff can’t find the information they need because too much data is stored in different places and not well organised.
Suggested solutions:
Look at the data in storage: Review the data stored in different places and check requests for information (like GIPA) to understand what makes it hard to find and get the right information. Then, create solutions to fix these problems and keep checking to see if they are working.
Use good metadata practices: Set up clear rules for managing data with metadata (information about the data) so it can be tracked and organised better.
Choose the right systems when buying new ones: When choosing new systems, make sure they can protect important information and manage it properly. The system should be able to automatically delete data that is no longer needed, following rules about how long data should be kept.
Get rid of unnecessary data regularly: Dispose of data that’s no longer needed for business purposes, and that is allowed to be destroyed using the right rules. Keep checking the data to make sure the right rules have been applied and use tools to help find and remove duplicate files.
Use search tools to find information easily: Use search technology to make it easier to find and access information across different systems.
Set clear rules for managing data: Create clear policies about how data should be created, stored, and deleted. Train staff on how to capture and manage records correctly, following the rules for each system. For example, explain where files should be saved (on shared drives or content management systems) and how to name them.
Example: Staff don’t always understand the need to keep some high-risk or high-value (HRHV) information after it’s no longer actively used in the business.
Suggested solutions:
Create strong information management plans: Develop clear strategies for managing HRHV records, data, and information to make sure it stays useful and easy to access.
Include retention rules in system migration plans: Make sure there are rules about how to keep HRHV information when moving to a new system. This ensures the important data is handled properly during the switch.
Document important information and its connections: List the critical information and data across the organisation, along with any systems or technology that depend on this information.
Raise awareness about the importance of HRHV records: Make sure staff and stakeholders understand that HRHV records are vital for meeting business, legal, and community needs, even after they are no longer actively used.
Understand the systems used across the organisation: Identify the different systems used in the organisation, especially the core ones, and understand that losing information or access in one system can affect other systems and operations.
Follow retention and disposal rules for HRHV data: Make sure the organisation applies the correct rules for keeping and disposing of HRHV information. This will help the organisation meet business, client, legal, and community needs.
Suggested solutions:
Limit access to authorised personnel: Make sure only authorised people can access important data. Regularly check and update access controls to prevent mistakes, like accidental changes or deletions.
Monitor data regularly: Keep track of data to make sure it’s being kept, disposed of, and secured correctly. Get rid of information that is no longer needed for business and is allowed to be destroyed.
Review business systems: Check if there are any old systems (legacy systems) that could be turned off. These systems can be a security risk, making the organisation vulnerable to data breaches or leaks.
Review cloud services for data security:
Look at how records and data are stored in cloud services. Make sure extra security measures are put in place if needed.
Set up a governance framework for security: Create a framework that helps manage and control information security across the organisation.
Work with ICT and cybersecurity teams: Collaborate with the ICT (Information and Communications Technology) and cybersecurity teams to ensure that the right policies, procedures, and monitoring systems are in place to stop data breaches or leaks.
Train staff on cybersecurity: Make sure staff are trained on how to protect data, understand security threats, and follow the organisation’s security policies and privacy laws.
Suggested solutions:
Identify and manage important business information: Find and protect the business information that adds long-term value. Set up systems that help manage both short-term and long-term important information.
Use the Records Management Assessment Tool (RMAT): Complete the RMAT to help plan and justify the way information is managed in the long term.
Work with corporate governance to address information requests: Engage with corporate governance teams to understand the challenges in meeting information requests (such as GIPA or standing orders) and how to handle them.
Regularly get rid of unnecessary information: Remove information that is no longer needed for business and is allowed to be destroyed.
Promote understanding of high-risk, high-value information: Encourage the whole organisation to understand the importance of high-risk or high-value information that is essential for the business.
Use change management strategies: Introduce strategies and training that help create a company culture that values good information management practices.
Don’t use backup systems for long-term storage: Avoid using backup systems to store records or information long-term. Backup systems are meant for short-term use to restore data, not for storing information for a long time.