Respondents of ARMA International's April 2009 Records Management survey (ARMA International members and information professionals) were asked to analyze their organizations' total information management landscape in order to get a snapshot of current information practices as they relate to general management, policies and procedures, information management training, information technology and legal and compliance.

Organizations see proper information management, including data security and data privacy, as important aspects of the organization's core function. Key policies and procedures are being created to address these issues. Organizations are also increasingly turning to ARMA International's standards and best practices as they develop these policies.

It's also encouraging to note that 73% of boards or comparable high-level executive teams have approved an information management policy statement that obligates all employees to create and maintain records in accordance with the organization's stated requirements.

But the News Isn't All Good
Organizations seem slow to adopt enterprise-wide training programs that are at the heart of ensuring compliance with information management policies and procedures. Managing and protecting information is a crucial part of business as it helps to keep costs and risks low and competitiveness and compliance as priorities.

It is an organization's responsibility to provide the training necessary to ensure employees are aware of policies and procedures related to the information they manage. Still, only 25% of organizations train their employees on individual roles and responsibilities for managing records and information. More than one-fifth of respondents said their organizations do not train employees about data security or protection of sensitive data, even though 87% of those same organizations rate data security as an important issue, with 91% placing a high priority on securing client data and personally identifiable information.

For those organizations that do offer training, a majority do not cover many of the important and legally discoverable issues, including instant messaging (78% not covering), voicemail (72%), removable storage devices (58%), wireless hand-held devices (69%) and text messages (77%).

Legal Discovery Still an Issue
High-profile judgments against well-known companies have punctuated the notion that companies have an obligation to preserve email and other records that may be necessary for litigation.

Only 25% of organizations feel very confident that they could respond appropriately to a legal discovery request. Not surprising, given that 61% of respondents say their organizations do not monitor employee adoption and adherence to records and information management policies and procedures.

The evidence is clear; it's time for organizations to step up and tackle the information management challenge. Paying lip service to the importance of information management isn't enough. It's time to monitor adoption and educate and train employees for information management excellence.

Marilyn Bier is the executive director at ARMA International (, a not-for-profit professional association and an authority on managing records and information. Formed in 1955, ARMA International is the oldest and largest association for the records and information management profession with a current international membership of more than 11,000.