Chapter 7. The Purpose of Policies and Procedures
Laying the Foundation of IMC
[T]he Court concludes that Bank One breached its duty to preserve documents by failing to establish a comprehensive document retention policy with the appropriate scope and by failing to properly disseminate the policy to its employees.
Larson v. Bank One Corp., 2005 U.S. Dist. LEXIS 42131 (N.D. Ill. Aug. 18, 2005)
In the case mentioned above, the company failed to create adequate policies for the preservation of evidence related to litigation, and as a result, the jury was specifically instructed about its wrongdoing. There have been countless other cases where organizations paid a price simply because they did not invest the time and money required to create a set of policies and procedures adequate to address their Information Management needs. Policies and procedures don't need to be complex—in fact, often the simpler they are, the better.
Policies and procedures are the management tools that an organization uses to codify and communicate its approach to Information Management. They serve a variety of legal, compliance, operational, and business purposes. And, in the context of IMC, they provide the criteria that the program itself must comply with.
The Difference between Policies and Procedures
Policies and procedures work together to provide a two-tiered set of directives and guidelines. While policies provide a high-level articulation of an organization's position on particular issues, procedures bring ...
Get Information Nation: Seven Keys to Information Management Compliance, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.