Enterprise content management (ECM) has evolved from an obscure pursuit to a mainstream concern. This growing interest in the concept, along with the steady evolution of its accompanying tools, has made significant contributions in moving forward the information governance initiatives of many IT shops. But, as with most things in the technology world, the advantages created by some of these tools can create disadvantages as well.
Modern-day ECM is a holistic strategy designed to manage unstructured data. Structured data largely resides in databases and is managed through classic business intelligence and data warehousing strategies. Unstructured data, commonly contained in Web content, emails and contracts, has long presented management problems because it's inherently fluid and random. The good news is compliance executives are finding enterprise content management tools and strategies to be effective solutions for many of these problems.
According to Stamford, Conn.-based consultancy Gartner Inc., ECM suites must have the following core components: document management, document imaging, records management, workflow, Web content management and document-centric collaboration.
The early days of enterprise content management
From a compliance perspective, the roots of modern-day ECM grew from document management systems like FileNet, a company eventually acquired by IBM. Popular in the late 1980s and early 1990s, document management systems fell into one of a handful of categories: imaging, workflow, change management or archival. The promise of the paperless office drove the development of technologies around document imaging and workflow management. Point-in-time requirements and collaborative content creation brought solutions around version control and change management, although compliance has always been a driver for such things as archiving and retrieving corporate records. In the beginning, these were all separate software offerings that the compliance officer needed to integrate manually in order to realize their full potential.
Eventually, FileNet and others integrated these separate components into product suites, largely for marketing purposes. At first there was no true integration of functionality, only separate software products packaged as one. This offered the compliance officer one competitive price point and one point of contact, but he still had several individual software components to manage. The need for bundled solutions became more apparent over time as vendors increasingly integrated individual components.
The forces that created enterprise content management
Almost 10 years ago, three factors emerged that would push corporate compliance initiatives and products to new levels: egregious scandals causing increased oversight, an information explosion and merger mania.
Starting with the corporate scandals at Enron, Tyco, WorldCom and others, which brought about the Sarbanes-Oxley Act and the creation of the Public Company Accounting Oversight Board (PCAOB), the rules of compliance changed forever. With Sarbanes-Oxley's emphasis on internal control, compliance requirements took an increased interest in workflow and business process management (BPM).
Although existing document management solutions had workflow offerings, the industry needed something more robust, and so proper business process management resurged as a major concern. It was clear that standalone products were no longer adequate. To meet those concerns, BPM had to be tightly coupled with records management and imaging in order to establish proper evidence management.
The information explosion exacerbated the existing compliance pressures caused by the scandals. Corporations were not only dealing with increased oversight, but they were also tackling the flood of unstructured information pouring into their shops through emails and, more recently, instant messages.
This explosion posed new challenges for lawyers, and e-discovery became a critical focus of compliance functions. Trying to harness the sheer volume of data also continued to create major challenges for the IT department, which further highlighted the importance of tighter integration among technology and compliance professionals.
Last, but not least, was the flurry of merger mania that ensued among enterprise content management vendors. Medium-sized companies acquired smaller companies, and larger companies acquired medium-sized companies. The aftermath of this acquisition frenzy has left only megacorporations on the ECM playing field, including Microsoft, with its SharePoint solutions; Oracle Corp., with its Universal Content Management; EMC, which now owns Documentum; and IBM, with its handful of ECM-related acquisitions during the past several years.
Compliance officer as trusted advisor
The evolution from document management system to ECM suite involved the inclusion of Web content management and documentcentric collaboration, two critically important elements as compliance concerns increase in complexity. These two elements had a positive impact on most corporate compliance initiatives because they helped elevate them to the enterprise level. This gave upper management the reason it needed to apply enterprise-level resources to the problem. They also guaranteed that compliance officers would be involved with selecting the best overall solution.
The downside to this evolution is that ECM software has generally become less "niche" and more mainstream. This means no longer are there vertical solutions that cater to specific compliance needs. In order to accommodate a more mainstream approach, some of today's ECM suites can actually include some core functional requirements. Do not allow this to happen.
The best course to follow is to create win-win situations. While control of your software may be surrendered to a higher echelon, there's no reason to sacrifice your functionality for the greater good of the company. It's easy to have both, but you must know your basic requirements. In all likelihood, you will need an ECM suite that is strong in records management, imaging and workflow. If you cover these needs, you should end up with an effective compliance solution -- with the added bonus of someone in the C-level suite picking up the tab.
John Weathington is president and CEO of Excellent Management Systems Inc., a San Francisco-based management consultancy. His clients include Fortune 100 firms such as Sun Microsystems Inc., Cisco Systems Inc. and eBay Inc.