Information Management
Abstract
This chapter lists the most important topics of an information management plan covering the objectives of the plan, documents, authority, security, information distribution and acknowledgement, disaster recovery, configuration control, distribution schedule, risks, standards, reports, and legal requirements.
Keywords
Information management; distribution schedule; disaster recovery; information management plan; security
Chapter Outline
Storing Information and Virus Protection
Retrieving Information and Acquisition/Modification Permits
Information, together with communication, are the very lifeblood of project management. From the very beginning of a project, information is required to enable someone to prepare a cost and time estimate, and it is the accuracy and ease of acquisition of this information that determine the quality of the estimate.
The success of a project depends greatly on the smooth and timely acquisition, preparation, exchange, dissemination, storage, and retrieval of information, and to enable all these functions to be carried out efficiently, an information system enshrined in an information policy plan is an essential ingredient of the project management plan.
As with many procedures, a policy document issued by management is the starting point of an information system. If issued at a corporate level, such an information policy document ensures not only that certain defined procedures are followed for a particular project, but that every project carried out by the organization follows the same procedures and uses the same systems.
The following list indicates the most important topics to be set out in an information policy plan:
1 Objectives and purpose for having an information management plan
2 Types of documents to be covered by the plan
3 Authority for producing certain documents
4 Methods of distribution of information
5 Methods for storing information and virus protection
6 Methods for retrieving information and acquisition/modification permits
7 Methods for acknowledging receipt of information
8 Security arrangements for information, especially classified documents
10 Configuration control for different types of information
11 Distribution schedule for different documents
13 Legal requirements regarding time period for information retention
This information management plan sets out the basic principles, but the actual details of some of the topics must then be tailored to a particular project. For example, the document distribution schedule, which sets out which document is produced by whom and who receives it, must clearly be project-specific. Similarly, the method of distribution depends on the availability of an IT system compatible with the types of information to be disseminated and the types and styles of documents produced.
Objectives and Purpose
The purpose of explaining the objectives of the policy document is to convince the readers that it is not bureaucratic red tape, but an essential aid to a smooth-running project. There is no doubt that there are numerous projects being run that do not have such a document, but in these cases the procedures are either part of another document or are well known and understood by all parties due to company custom and practice.
Types of Documents
The types of documents covered include correspondence with clients and suppliers, specifications, data sheets, drawings, technical and financial reports, minutes of meetings, records of telephone conversations, and other selected data. All these data will be subject to configuration management to ensure correct distribution and storage.
Authority
Certain types of documents can only be issued by specified personnel. This covers mainly financial and commercial documents such as purchase orders, invoices, and cheques.
Distribution of Information
Distribution of information can be done electronically or by hard copy. While in most cases the sender has the option of which one to use, certain documents may only be sent by a specified method. For example, in some organizations legal documents may be faxed but must also be followed up with hard copies by mail. Generally nowadays, most data are available electronically and can be accessed by selected stakeholders using appropriate access codes or passwords.
Storing Information and Virus Protection
Most data can be stored electronically either by the sender or the receiver, but where special measures have to be taken, suitable instructions must be given. Data must be protected against viruses and hackers and must be arranged and filed in a structured manner according to a predetermined hierarchy based on departmental or operational structures such as work breakdown structures or work areas. In some cases hard copies of documents and drawings will have to be filed physically where electronic means are not available, as, for example, on remote construction sites. Important documents such as building leases, official purchase orders, and contracts require storage space that must be both easily accessible and safe from natural disasters and theft. Special fire and waterproof storage facilities may have to be installed.
Retrieving Information and Acquisition/Modification Permits
Retrieving data electronically will generally not be a problem provided a good configuration management system and effective indexing and identification methods are in place. In many cases only certain personnel will be able to access the file and of these only a proportion will have the authority to make changes. Appropriate software will have to be installed to convert data from external sources, in the form of e-mails, faxes, spreadsheets, or other computerized data transmission processes, into a format compatible with the database in use. When handling hard copies, the method of filing documents in a central filing system must be firmly established and an order of search agreed upon. For example, the filing could be by suppliers’ names (alphabetically), by product type, by order number, by requisition number, or by date. Again, some organizations have a corporate system while others file by project. Whatever system is used, an enormous amount of time will be wasted searching for documents if the filing system is badly designed and, equally importantly, not kept up to date regularly.
Acknowledging Receipt of Information
In many cases it may be necessary to ensure that the information sent has been received and read. The policy of acknowledging certain documents must therefore be set down. A recipient may glance at a letter or scan an e-mail without appreciating its importance. To ensure that the receiver has understood the message, a request must be made to reply either electronically or, in the case of a hard copy, by asking for the return of an attached ‘confirmation of receipt’ slip. This is particularly important where documents such as drawings go to a number of different recipients. Only by counting the return slips can the sender be sure all the documents have been received.
Security Arrangements
Classified or commercially sensitive documents usually have a restricted circulation. Special measures must therefore be put in place to ensure the documents do not fall into the wrong hands. In some government departments all desks must be cleared every evening and all documents locked away. Electronic data in this category requires special passwords that may have to be changed periodically. Documents no longer required must be shredded and where necessary incinerated. It has been known that some private investigators have retrieved the wastepaper bags from the outside of offices and reassembled the paper shreds!
Disaster Recovery Systems
In light of both major natural disasters such as earthquakes and hurricanes and terrorist attacks, disaster recovery, also known as business continuity, is now a real necessity. Arrangements must be made to download important data regularly (usually daily) on disk, tape, or even film and store them in a location far enough removed from the office to ensure that they can be retrieved if the base data has been destroyed. It will also be necessary to make arrangements for the replacement of any hardware and software systems that may have been destroyed or corrupted.
Configuration Control
Configuration management is an integral part of information management. Version control, change control, and distribution control are vital to ensure that everybody works to the latest issue and is aware of the latest decisions, instructions, or actions. The subject is discussed in more detail in the chapter on configuration management, but the information policy plan must draw attention to the configuration management procedures and systems being employed.
Distribution Schedule
The distribution of documents can be controlled either by a central computerized data distribution system activated by the originator of the document or by a special department charged with operating the agreed configuration management system. One of the key sections of the project management plan is the document distribution schedule, which sets out in tabular form who originates a document and who receives it. If hard copies have to be sent, especially in the case of drawings, the number of copies for each recipient must also be stated. If this schedule is lodged with the project office or the distribution clerk, the right persons will receive the right number of copies of latest version of a document at the right time. While most document distribution will be done electronically, hard copies may still be required for remote locations or unsophisticated contractors, suppliers, or even clients.
Standards to Be Followed
Standard procedures relating to information management must be followed wherever possible. These standards may be company standards or guidelines, codes of practice, or recommendations issued by national or international institutions. The British Standards Institution has issued guides or codes of practice for configuration management, project management, risk management, and design management, all of which impact on information management. An International Standard BS ISO 15489-I-2001 ‘Information and Documentation – Records Management – Part 1 – General’ is of particular importance.
Legal Requirements
Every project is constrained by the laws, statutory instruments, and other legal requirements of the host country. It is important that stakeholders are aware of these constraints and it is part of the information management process to disseminate these standards to all the appropriate personnel. The Freedom of Information Act and Data Protection Act are just two such legal statutes that have to be observed. There may also be legal requirements for storing documents (usually for about seven years) before they can be destroyed.
Forseeable Risks
All projects carry a certain amount of risk and it is vital that warnings of these risks are disseminated in a timely fashion to all the relevant stakeholders. Apart from issuing the usual risk register, which lists the perceived risks and the appropriate mitigation strategies, warnings of unexpected or serious risks, imminent political upheaval, or potential climatic disasters must be issued immediately to enable effective countermeasures to be taken. This requires a preplanned and rehearsed set of procedures to be set up that can be implemented very rapidly. The appointment of an information risk manager will be part of such a procedure.
An important part of information management is issuing reports. A project manager has to receive reports from other members of the organization to enable him to assess the status of the project and in turn produce his own reports to higher management. Systems must be set up to ensure that these reports are produced accurately, regularly, and timely. The usual reports required by a project manager cover progress, cost, quality, exceptions, risks, earned value, trends, variances, and procurement or production status. These data will then be condensed into the regular (usually monthly) progress report to the programme manager, sponsor, or client as the case may be. Templates and standard formats greatly assist in the production of these reports and modern technology enables much of these data to be converted into graphs, charts, and diagrams, but presentation can never be a substitute for accuracy.