top of page
  • Writer's pictureCraigRhinehart

Step 1 – Can You Trust Your Repository?

Updated: Feb 20, 2022

Imagine building an application that delivers critical information (including documents or images) only to have an end-user delete the underlying files. This can easily happen if your reference documents live on file systems or in improperly governed environments. Unlike structured applications and databases, the users have a large majority of the control over content storage environments. 

Imagine an end-user decommissioning a SharePoint team room only to have applications “break” that need to access the content that was residing in the now missing environment. This can happen when important content is stored on file systems, wikis and other systems with inadequate governance and security controls. Critical content must be stored in Trusted Content Repositories.

Some Key Actions to Take:

  1. Evaluate your candidate content repositories to determine viability for use as a repository of record or Trusted Content Repository (TCR)

  2. Designate Trusted Content Repositories for use in essential applications and only store critical content in TCRs.

  3. Update operational practices to increase confidence and assurance of trusted information including a Trusted Content strategy supported by TCRs.

But how do we define what a Trusted Content Repository (TCR) is?  

The following are characteristics of TCRs:

 Performance, Scalability and HA/DR

  1. Support for billions of objects and thousands of users across the enterprise.

  2. Support for SLA levels of disaster recovery and business continuity.

Preservation and Lineage Capabilities

  1. Confident and assured immutability of content, structure, lineage and context over time.

Interoperability and Extensibility

  1. Support for industry leading RDBMSs, application servers and operating systems.

  2. Open and robust APIs including support for CMIS.

Content Capabilities

  1. Basic ECM capabilities include versioning, metadata management, classification, content-based retrieval, content transformation, etc.

Repository Governance

  1. Deployments can be managed and controlled to protect against information supply chain breakdowns.

Information Lifecycle Governance

  1. Support for all lifecycle events and processes including eDiscovery and records disposition.

Security, Access and Monitoring

  1. Controls to promote access to authorized users and controls to prevent unauthorized access.

  2. Auditing and monitoring for all related activities.

Physical Capabilities

  1. Ability to support references to physical objects and entities.

Federation and Replication

  1. Federation capabilities to provide a common meta data catalog across multiple repositories.

Business Process Management

  1. Integrated business process management.

Events Based Architecture

  1. Internal and external event support with trigger and subscription model.

All of these capaabilities are required to enable content participation to meet Information Governance requirements.  Next, we’ll explore what it takes to create and maintain trusted content. In the meantime, do you agree with these characteristics?


Post: Blog2_Post
bottom of page