The types of documents covered include correspondence with clients and suppliers, specifications, data sheets, drawings, technical and financial reports, minutes of meetings, records of telephone conversations and other selected data. All these data will be subject to configuration management to ensure correct distribution and storage.

Certain types of documents can only be issued by specified personnel. This covers mainly financial and commercial documents such as purchase orders, invoices and cheques.

Distribution of information can be done electronically or by hard copy. While in most cases, the sender has the option of which one to use, certain documents may only be sent by a specified method. For example, in some organizations legal documents may be e-mailed or faxed but must also be followed up with hard copies by mail. Generally nowadays, most data are available electronically and can be accessed by selected stakeholders using appropriate access codes or passwords.

Most data can be stored electronically either by the sender or the receiver, but where special measures have to be taken, suitable instructions must be given. Data must be protected against viruses and hackers, and must be arranged and filed in a structured manner according to a predetermined hierarchy based on departmental or operational structures such as work breakdown structures or work areas. In some cases, hard copies of documents and drawings will have to be filed physically where electronic means are not available, as, for example, on remote construction sites. Important documents such as building leases, official purchase orders and contracts require storage space that must be both easily accessible and safe from natural disasters and theft. Special fire and waterproof storage facilities may have to be installed.

Retrieving data electronically will generally not be a problem provided a good configuration-management system and effective indexing and identification methods are in place. In many cases, only certain personnel will be able to access the file and of these only a proportion will have the authority to make changes. Appropriate software will have to be installed to convert data from external sources, in the form of e-mails, faxes, spread sheets or other computerized data transmission processes, into a format compatible with the database in use. When handling hard copies, the method of filing documents in a central filing system must be firmly established and an order of search agreed upon. For example, the filing could be by suppliers’ names (alphabetically), by product type, by order number, by requisition number or by date. Again, some organizations have a corporate system, while others file by project. Whatever system is used, an enormous amount of time will be wasted searching for documents if the filing system is badly designed and, equally importantly, not kept up to date regularly.

In many cases, it may be necessary to ensure that the information sent is received and read. The policy of acknowledging certain documents must therefore be set down. A recipient may glance at a letter or scan an e-mail without appreciating its importance. To ensure that the receiver has understood the message, a request must be made to reply either electronically or, in the case of a hard copy, by asking for the return of an attached ‘confirmation of receipt’ slip. This is particularly important when documents such as drawings go to a number of different recipients. Only by counting the return slips can the sender be sure that all the documents are received.

Classified or commercially sensitive documents usually have a restricted circulation. Special measures must therefore be put in place to ensure the documents do not fall into the wrong hands. In some government departments, all desks must be cleared every evening and all documents locked away. Electronic data in this category requires special passwords that may have to be changed periodically. Documents no longer required must be shredded and where necessary incinerated. It is known that some private investigators have retrieved the wastepaper bags from the outside of offices and reassembled the paper shreds.

In light of both major natural disasters, such as earthquakes and hurricanes, and terrorist attacks, disaster recovery, also known as business continuity, is now a real necessity. Arrangements must be made to download important data regularly (usually daily) on disk, tape or even film and store them in a location far enough removed from the office to ensure that they can be retrieved if the base data has been destroyed. It will also be necessary to make arrangements for the replacement of any hardware and software systems that may have been destroyed or corrupted.

Configuration management is an integral part of information management. Version control, change control and distribution control are vital to ensure that everybody works to the latest issue and is aware of the latest decisions, instructions or actions. The subject is discussed in more detail in the chapter on configuration management, but the information policy plan must draw attention to the configuration-management procedures and systems being employed.

The distribution of documents can be controlled either by a central computerized data distribution system activated by the originator of the document or by a special department charged with operating the agreed configuration-management system. One of the key sections of the project-management plan is the document distribution schedule, which sets out who originates a document and who receives it in tabular form. If hard copies have to be sent, especially in the case of drawings, the number of copies for each recipient must also be stated. If this schedule is lodged with the project office or the distribution clerk, the right persons will receive the right number of copies of latest version of a document at the right time. While most document distribution will be done electronically, hard copies may still be required for remote locations or unsophisticated contractors, suppliers or even clients.

Standard procedures relating to information management must be followed wherever possible. These standards may be company standards or guidelines, codes of practice or recommendations issued by national or international institutions. The British Standards Institution has issued guides or codes of practice for configuration management, project management, risk management and design management, all of which impact on information management. An International Standard BS ISO 15489-I-2001 ‘Information and Documentation – Records Management – Part 1 – General’ is of particular importance.

Every project is constrained by the laws, statutory instruments and other legal requirements of the host country. It is important that stakeholders are aware of these constraints and it is a part of the information-management process to disseminate these standards to all the appropriate personnel. The Freedom of Information Act and Data Protection Act are just two such legal statutes that have to be observed. There may also be legal requirements for storing documents (usually for about 7 years) before they can be destroyed.

All projects carry a certain amount of risk, and it is vital that warnings of these risks are disseminated in a timely fashion to all the relevant stakeholders. In addition to issuing the usual risk register, which lists the perceived risks and the appropriate mitigation strategies, warnings of unexpected or serious risks, imminent political upheaval or potential climatic disasters must be issued immediately to enable effective countermeasures to be taken. This requires a preplanned and rehearsed set of procedures to be set up that can be implemented very rapidly. The appointment of an information risk manager will be part of such a procedure.

This method includes such techniques as structured interviews, direct observation, discussion groups. Much depends on the skills of the interviewer or discussion leader who must retain an open mind and not ask leading questions. Advantages include high-response rates and the ability to explore in greater depth after an initial analysis.

This covers questionnaires sent by mail or e-mail, telephone surveys, sample surveys based on a large number of participants, etc. Such surveys, which take into account age, ethnicity, income bracket and geographical location are often used by governments, academic researchers, retail businesses and manufacturers. The results of such surveys can affect policies and marketing strategies.