Step 1 – Can You Trust Your Repository?
Updated: Feb 21
Imagine building an application that delivers critical information (including documents or images) only to have an end-user delete the underlying files. This can easily happen if your reference documents live on file systems or in improperly governed environments. Unlike structured applications and databases, the users have a large majority of the control over content storage environments.
Imagine an end-user decommissioning a SharePoint team room only to have applications “break” that need to access the content that was residing in the now missing environment. This can happen when important content is stored on file systems, wikis and other systems with inadequate governance and security controls. Critical content must be stored in Trusted Content Repositories.
Some Key Actions to Take:
Evaluate your candidate content repositories to determine viability for use as a repository of record or Trusted Content Repository (TCR)
Designate Trusted Content Repositories for use in essential applications and only store critical content in TCRs.
Update operational practices to increase confidence and assurance of trusted information including a Trusted Content strategy supported by TCRs.
But how do we define what a Trusted Content Repository (TCR) is?
The following are characteristics of TCRs:
Performance, Scalability and HA/DR
Support for billions of objects and thousands of users across the enterprise.
Support for SLA levels of disaster recovery and business continuity.
Preservation and Lineage Capabilities
Confident and assured immutability of content, structure, lineage and context over time.
Interoperability and Extensibility
Support for industry leading RDBMSs, application servers and operating systems.
Open and robust APIs including support for CMIS.
Basic ECM capabilities include versioning, metadata management, classification, content-based retrieval, content transformation, etc.
Deployments can be managed and controlled to protect against information supply chain breakdowns.
Information Lifecycle Governance
Support for all lifecycle events and processes including eDiscovery and records disposition.
Security, Access and Monitoring
Controls to promote access to authorized users and controls to prevent unauthorized access.
Auditing and monitoring for all related activities.
Ability to support references to physical objects and entities.
Federation and Replication
Federation capabilities to provide a common meta data catalog across multiple repositories.
Business Process Management
Integrated business process management.
Events Based Architecture
Internal and external event support with trigger and subscription model.
All of these capaabilities are required to enable content participation to meet Information Governance requirements. Next, we’ll explore what it takes to create and maintain trusted content. In the meantime, do you agree with these characteristics?