Learning How To Trust …

Before my digression last posting into a perspective on ECM systems integrators … I was describing the characteristics of trusted ECM repositories (see Step 1 – Can You Trust Your Repository?).  Picking up from there …

Since choosing the right repository or content storage location is so important, how can we objectively evaluate the repositories we have?  Use this scoring model to assess and designate your content storage options (including ECM repositories) as Trusted Content Repositories (TCRs)


Level 0 – is missing key capabilities like security, basic content services and APIs.  This category represents file shares, CDs and other relatively unsecure locations.  These environments are flexible and useful but the missing capabilities cause us to lose confidence (or trust) in the content we keep there.  Imagine building an application that delivers critical documents only to have an end-user delete the underlying files.

Level 1 – Missing key capabilities like repository governance and lineage.  This category represents SharePoint, wikis and blogs and other environments with user controlled governance.  These environments are fantastic for collaboration and are easy to deploy but are missing essential capabilities when the environment itself can’t be properly governed and secured in accordance with IT standards (including the ability to meet SLAs).  Imagine building an application that depends on critical documents only to have an end-user retire the SharePoint site that used to content the needed documents or records.

Level 2 – Missing a few key capabilities to instrument and automate workflows like event management and content federation.  This category represents most ECM repositories from major vendors like IBM, EMC, OpenText and selected others.  The missing capabilities enable us to have confidence the right documents are designed as “trusted” so they can be found, automated and consumed with confidence.

Level 3 – Has all of the key capabilities.  This is the optimal level for trusted content applications.  Only IBM FileNet P8 has all of these characteristics today.

Remember … if you can’t trust your repository you can’t trust what is in it, can you?  Critical content must be stored in Trusted Content Repositories … it’s that simple.  Next time we’ll explore what it takes to create and maintain trusted content.  In the mean time, leave me your feedback on the model.

3 thoughts on “Learning How To Trust …

  1. I could not agree more with your approach. This is what we are being asked by our customers. We are getting a lot of our customers asking us to validate their archives and develop a Information Governance plan for maintaining them. We have found that many of our customer’s archives lack the controls and are not managing the life-cycle for their content. We are finding archives with duplicates,wrong versions, and out dated content as an example. We have been working with our customers to first build a governance plan and then clean up and validated their archives based on the plan. Customers are also wanting us to build a GRC (Governance, Risk , and Compliance) plan around their content allowing them to better control and lowering risk. With that my answer to your question is that many companies out there do not trust their archives or worst they do not find out until some type of litigation and eDiscovery hits them.

  2. Concise model and excellent description, Craig. If I added anything to it, it would be a column for ‘degree of difficulty to implement.’. It doesn’t pertain to the veracity of your model, but it would highlight the effort, cost, and even liklihood of being able to address the problem within a company’s constraints. I do believe the benefits outweigh the costs, particularly when litigation is involved, but there is an order of magnitude difference between the effort required at each of the levels.

Leave a Reply

%d bloggers like this: