4 Steps to Managing Your Security Documents

Wednesday, August 18, 2010

Sean Inman


What is document management? It seems pretty straightforward, but many people have looked at me cross-eyed when I've used the term, and some have come right out and said "What do you mean, document management?"

There are many document management systems out there, both proprietary and open source. Before I talk about systems, we need to understand the process.

Document management isn't just storing documents; it is a process of reviews, approvals, storage and communication. So let's dissect each of these.

Reviews: Reviewing documentation is a key step in ensuring the accuracy of its content. You will not always be an expert on the topic you are writing about, so when writing documentation it is important to obtain feedback from the intended readers or users. Feedback could be someone pointing out that a step is missing, or that the document is not detailed enough or is too detailed.

Approvals: Most organizations require that policies, standards and sometimes procedures be approved. Approval also matters because it supports enforcement from the top down. If an employee writes up a new procedure and simply sends it to the team, it is unlikely to be adopted by every member; if the procedure is approved by management, it is far more likely to be implemented and used by all members of the team.

Communication: This is the step where many organizations struggle. How can an organization expect anyone to follow a policy if it does not notify the user base when one is created, modified or retired? You must communicate with users to ensure they are aware of the documents that apply to them.

Storage: Last, but just as important to the integrity of the documentation, is how we store these documents securely while keeping them available to the appropriate user communities. When storing company policy documents you should have a source file (normally a Word document) and a published version (normally a PDF). The source files should be stored in a secure location restricted so that only the author and document owner have access, and the PDF should be made available to the user community that needs to read it. Keeping the editable source out of reach of general readers is what preserves the integrity of the published copy.

Now that you have the process, I will share some products that can help you implement a sound document management program.

Storing the source files can be as simple as file shares on your network, with access controls restricting who can reach each share. Microsoft's SharePoint is also a very good solution for document management, with many features you may or may not use. With SharePoint you can perform the entire process: reviews, approvals, communication, and storage of both source and published files.

Microsoft offers different versions of SharePoint, including a free one, Windows SharePoint Services (WSS). With WSS you lose some features, but the entire document management process can still be performed. Another option, depending on your organization, is to have your development team build an online document repository with a database back end and a web front end.

There are many systems for document management, so research each candidate to ensure it supports your processes. Too often organizations buy a solution before they understand their own processes. That is a whole other topic to blog about, but "problems are not always solved with technology".

Cross posted from The Security Pub.

Katie Weaver-Johnson: Sean - Great blog post and I agree with you that the Communication Step is where many organizations fail and lack the resources to share new or updated procedures with their employees (and third parties). It is critical for organizations to communicate and ensure their personnel have received, read, understood and acknowledged their individual roles and responsibilities.

I recently blogged about a similar topic "A Failure to Implement" on our Lessons Learned Blog. http://blog.awareity.com/2010/04/19/what-is-a-%e2%80%9cfailure-to-implement%e2%80%9d/

Thanks!
Sean Inman: Thanks for the comment, and sharing your post! Implementation is a vital step as well. If it's okay I would like to update my post to reference your post What is a "Failure to Implement"? in my post on my blog.
Katie Weaver-Johnson: Thanks Sean and feel free to reference the Lessons Learned Blog in your blog!

Victor Cruz: Brainloop has a free white paper along this front called 10 Questions to Identify Compliance Risks when Sharing Information: http://www.brainloop.com/index.php?id=585
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.