THIS ARTICLE WAS ORIGINALLY PUBLISHED IN QUALITY MAGAZINE IN JULY 2015
So, let’s say you’re headhunted by a tier one oil company to lead their upstream business process in a new territory where, amongst many other demanding strategic and operational responsibilities, you will need to procure and commission a new production rig. It’s a great opportunity and you’re not going to turn it down, but how will you tackle it? Where do you start?
The answer will involve a prime contractor, layers of sub-contractors, supply chain, hundreds of engineers, specialist consultants, in house experts, great managers and some of the best people you’ve ever worked with, terrifying budgets, powerful business processes and systems and … documents. Lots and lots of documents: legal documents, regulatory documents, engineering design specifications and plans, operating instructions and processes, commercial agreements and contracts … and on and on. And on that day when the prime contractor turns up at your office and says, “We’re finished. Can we get paid?” he will need to present you with a document attesting that your rig is operational, safe and good to go.
You buy an oil rig the same way you buy a second hand car. There’s just more documents than a certificate of ownership.
Document management is a core function in many business processes from policing and social work to the oil industry, from aviation to food and beverage, from clinical laboratory management to the military. It is essential for compliance with standards and regulations from ISO 9001 to performance based regulation. In this article we’re going to take a look at the basics and the latest thinking in document management:
- Core functions of a document management system;
- Latest technologies;
- If you’re thinking of implementing a document management system, what you should consider and how to go about it.
Core Features and Functions
Document control is fundamental to compliance and quality management. But not only that, document control underpins higher GRC capabilities including safety and risk management, brand and reputation management, and the risk based model for high performance operations. Any organization that wants to pursue ambitious objectives (Governance) while avoid bumps in the road (Risk management) and acting with integrity (Compliance) needs to have a robust document control system baked into its operations.
Policies, procedures and standards, for example, need to be created, reviewed, revised, distributed, used and eventually retired effectively and safely. The right version of the document needs to be available at point of need. I came across an example recently of a large food manufacturer who regularly alters the ingredients for sauces, ready meals and sandwich fillings. If an operator uses the wrong document (recipe) the resultant wastage can be worth tens of thousands of pounds.
To be effective, your document management system needs to be able to store documents in four vaults or registers:
- Active – these documents are operational and must be distributed and available at point of need;
- Draft – these documents are work in progress and are not operational;
- Inactive – documents that are temporarily withdrawn from operational use;
- Obsolete – documents that are no longer relevant or that have been superseded.
The system must have functions to cover the entire document lifecycle:
- Change requests – the user can ask for an amendment;
- Drafting and revising – collaborative document authoring;
- Acknowledgement – the user must acknowledge receipt of an important document;
- Publishing – makes the document available to users;
- Distribution – makes the document available at point of need;
- History or associated audit trail – essential for audit.
When you think more deeply about how these functions can be implemented, you begin to see that document management cannot exist in isolation. For example, it’s not enough simply to have somewhere safe to store the document if you have no notification system to manage acknowledgements or change requests.
A modern document management system should, therefore, be seen in the context of the following essential GRC functions:
- Audit management (the auditor will need to see the correct management of policies and procedures);
- 3rd party management including competencies, suppliers and assets where relevant.
If your document management system can do this, then that is sufficient to manage basic compliance and quality. You may of course want to go further and integrate it with higher GRC capabilities such as risk management to implement an environmental or safety management system. ISO 9001 is also moving towards the risk based model for performance management.
This is 2015. We’ve been using smartphones for a decade, we’ve had the World Wide Web for more than two decades, and the Internet is nearly fifty! Surely all that has a bearing on document management? It certainly does: in particular, four big trends are very important for your document management system (and your broader GRC capability too, of course). These technology trends are often collectively referred to as SMAC:
- Social media
The impact of social media (Facebook, Twitter, LinkedIn, blogs, corporate internal social network, messaging, presence, etc.) is still indirect in relation to document management. However, users are more likely to embrace systems that reflect the effortless, enjoyable user experience that they are increasingly used to elsewhere. That means easier interactions, integrated notifications, features and space for discussions and collaboration.
Mobile is about mobilizing document management processes (i.e. document-centered business processes) so that users can access policies and standards wherever they themselves might be located. This is essential to the development of a high performance working culture and pushes the document control functions out of the office and onto the front line. For example, the employees of an airline or train operator can access and work with policies and report templates via smartphone or tablet.
Analytics is about near and real time insight for decision making, resource planning and risk management. It’s about monitoring KPIs and trends. In the context of document management, it is about monitoring and managing outstanding actions via real time dashboards. How long does it take us on average to acknowledge and implement a new safety standard? Why so slow? Which documents are most actively used? Which are the most revised? Why is that?
Cloud is possibly the most significant technology trend to impact on document management in recent years. Cloud is about scalable enterprise applications with outstanding user experience. To scale across corporate divisions or geographies you only need to distribute login credentials. This circumvents local IT costs and logistics, for example. The model used by high profile enterprise software applications such as Salesforce CRM also lends itself to document management and the benefits are similar:
- Reduced cost of IT
- Elimination of silos
- Rapid deployment and reduced time to benefit
- Increased user adoption
Aside from SMAC options and capabilities, you should seek out software that offers a great, easy, intuitive experience for users of all levels. For the system administrator this often means configurability. For example, the presence of a drag and drop forms designer. In the past, if you wanted a new report template created you probably had to go to the IT department or the software vendor and request it. Nowadays a modern document management system will include a drag and drop “forms designer” that lets you create documents and workflows quickly and easily.
What should you consider when implementing or procuring a document management system?
- Have you covered all the basics?
- Is it properly integrated with other GRC functions?
- Does your system offer modern functionality? If it doesn’t then the cost of ownership might become very high and you might not see an ROI.
- The basics are the essential functions listed above that let you manage the document lifecycle from creation to withdrawal. Essential GRC integrations are action management and probably audit (but you may also need to consider integrating third party management, asset management and competency management).
- And lastly, question the modernity of the system. Is it sufficiently interactive and collaborative? Does it offer an excellent user experience? How will you scale it across your organization? Does it offer native applications for the popular mobile operating systems iOS, Android and Windows Mobile? Does it offer good analytics and management intelligence? Is it easy to configure (e.g. does it have a drag and drop forms designer?) Is there a genuine cloud deployment option (i.e. not hosted or installed)?
Context is everything
Document management is a GRC function and, as such, is a mature technology. It is unlikely that you would procure a document management system in isolation from a more extensive compliance and risk management capability, so you should research the market for GRC technologies.
There are niche solutions for document management in engineering, financial services, banking, information security, quality, health and safety, legal, compliance and ethics, and business operations to name but a few. You will also find solutions that are modular (you buy specific capabilities separately and bolt them together) and solutions that are seamlessly integrated (you get everything at once and grow into it).
Above all it is important to think deeply about your needs, carry out internal and external research, develop a strong statement of requirements, and select the solution that is right for your organization now and in the decade ahead.