Though digital transformation has solved many document issues, eradicating risk hasn't been a natural consequence of the migration to paperless. In fact, digital documents present many of the same risks as their predecessors, when they aren't managed correctly. Furthermore, mismanaged workflows around digital documents can lead to significant costs — essentially, the panic-inducing sight of teetering stacks of paper around the office is replaced by the panic-inducing knowledge that your organization’s documents are stuck in a nasty workflow in an unwieldy system.
What are the risks?
Document management takes a remarkable amount of IT workers' time, which translates to dollars lost.
Poor version control — which allows for lost or changed clauses and brand inconsistency — creates both legal and brand risk.
Compliance and security risks, including audit failure, ransomware and data theft, abound.
Each type of risk — from legal to reputational to financial — bleeds into the next. Reputational risks are financial risks, financial risks may be legal risks, and so on. So how can you combat the many document-related risks still present within your organization despite those shorter paper stacks? It's not just about finding the right software to assist you; you have to change your processes and your organization's collective state of mind. Fortunately, there's no better change agent than an informed IT team.
Following these four steps should allow you to create a better representation of your organization's document hierarchies and workflows over time, to fill the gaps and work toward reduced risk.
Version control demands viewing access: every internal team member who touches a document should be able to see the current version and revisions, on all appropriate devices (within reason). Your legal department, for example, will need to be able to revert to a previous version when necessary. Ideally, information about that reversion would be displayed to the next team member involved in the workflow.
Create strict policies around version control, including naming convention, the number of revisions allowed within a given workflow, role-based access rules and final signoff requirements. To do this properly, consider getting input from every team member involved in document workflows, as well as from key stakeholders like legal teams, even if they're not involved in the movement of a particular document type.
With a document structure that reflects your org chart and workflows in addition to strict naming conventions, your colleagues will be able to locate documents on their own, without wasting their time or yours.
Again, work with every stakeholder to define this structure. Then outline the structure and naming conventions in accessible, widely distributed, well-written policies and SLAs. Also bear in mind that any file system or document structure you create should be based on UX. Especially for an increasingly mobile workforce, a positive user experience has a major impact on adoption.
Finally, be sure to build out a way to measure outcomes. Track current time spent, then set goals and measure against them once your system is in play.
The security of constant sync to the cloud can’t be paralleled with an on-premise solution. Because you need to spend time maintaining an actual infrastructure, you may not have time to monitor and remediate when issues arise. With guaranteed cloud backups, you have a helping hand and a form of protection against ransomware. If you aren't ready to migrate to the cloud, though, you should still work toward enacting extensive security policies regarding your data. Consider a detailed vulnerability assessment that includes information about document access in order to get started.
The last best practice to institute as you embark on a risk mitigation effort is to make audits easy. Create (or oversee the creation of) a checklist with the documents required for compliance at the top. Include document location information for each. Detail who has access to what, and test those details. Detail how they access the information. Detail naming conventions, and the version control through a workflow (if any) that is associated with each document.
Make the checklist completely accessible to all teams, so everyone knows how to pass an audit. Finally, ensure your audit plan recommends running through the checklist on a regular basis, at one month intervals.
Mitigating risks that are caused by poor document management means replacing the bad with the good. Start from the beginning — with a conversation with key stakeholders in your biggest revenue generating document workflows. From there, use the best practices outlined above. You'll be well on your way to helping every department achieve its goals, from compliance to closed deals, all through IT management.
About the Author
Dr. Antonis Papatsaras takes tech to new levels at SpringCM. He's translated his 15 years of experience in massive cloud infrastructure, highly available and scalable architectures, very high volume ingestion, and Artificial Intelligence into smart strategies and projects that put the SpringCM cloud platform in a class by itself. Before he joined SpringCM, Antonis was Director of Software Engineering at Autonomy and Interwoven, as well as VP of Software Engineering at Discovery Mining. You can follow Antonis on Twitter at @anton1s.