I was at a client yesterday that was struggling in regards to a strategy of SharePoint or Documentum for a compliance application. Complaince is an application that involves control of many documents to insure that the correct approved documents are used at the correct time and can be confirmed during an internal or regulatory audit. For this client, one user group had already implemented a SharePoint solution, complete with Wiki’s and scanned signature pages while the enterprise standard for ECM is Documentum. TSG has a long history implementing compliance solutions for multiple clients in regulated industries. This post will debrief the discussion, present some best practices and highlight a hybrid rather than either/or approach.
Collaboration Tools are Easy, ECM is Hard
As we have discussed in other posts, giving users access to unstructured tools like SharePoint or Eroom is a great way to enable unstructured collaboration. Users feel enabled to create “sites” or “rooms”, post documents and potentially version those documents. Too often, users with small wins can generalize that “SharePoint is easy, Documentum is hard”. The real answer is that Collaboration is easy and ECM is hard. Before SharePoint, we constantly heard from users “why can’t Documentum be as easy as email” – another unstructured collaboration tool. As discussed in a previous post, using SharePoint for compliance involves moving away from a user driven collaboration application to more of a structured approach that would reduce some of the user driven perception that “SharePoint is easy”. Some points in the client discussion included:
- Search and Retrieval – When a compliance document is complete (ex: SOP), how is it distributed to the users? What consistent and key meta-data is attached to the document so that users can easily search for approved/released documents and the company can be sure that only the approved copies are relied upon? How can the company prove this in an audit situation?
- Collaboration to a Record – How does a DRAFT document become a record? How can the user initiate some action that results in the ending of collaboration and now beginning of the lifecycle of a corporate record? How can the system make sure that the appropriate record is being used and no one is relying on an unapproved copy?
- Viewing – How can users be assured that they are looking at the right copy? How can the system allow documents to be printed but ensure that those documents are only used for that day?
Documentum and SharePoint – A Hybrid Approach
With the group, we discussed ways to leverage SharePoint or other collaboration solutions with Documentum serving as the record repository. With this approach, users got the benefit of leveraging their collaborative development of documents while the overall corporation benefited from a consistent way of storing and distributing records. The approach is outlined below:
- Document is created in SharePoint or other collaborative tools. We are hoping that a standard template is used for consistency.
- When the document is ready to be approved, the user initiates an action in SharePoint to copy the document to Documentum. The user could also initiate a simple import or bulk load for multiple documents (LAN drive example) from any Documentum interface. Once in Documentum, the document is a compliance record and managed according to defined lifecycles, business processes and security.
- Documentum Index and Workflow screen is launched from SharePoint to capture structured components (index values) as well as collect workflow approval values.
- SharePoint users have access to Documentum approval from either SharePoint inbox or other interfaces. Documents receive consistent electronic signatures via Documentum Trusted Content Services.
- Once Document is approved, a PDF version is published into consistent Compliance/Regulatory Vault. As we have discussed in other posts, the vault might be outside of Documentum for business continuity, performance and licensing reasons.
- Users can search the Vault from a variety of tools including SharePoint.
- Documents include PDF Headers and footers, signature pages and real-time Watermarks (ex: use only on XX/XX/XX) for compliance, security and printed document control.
With the approach above, the company would get the benefit of multiple user created collaboration space within SharePoint or other tools but the consistency and reliability of an ECM approach for Compliance. While the team didn’t want to force the SharePoint users to leverage Documentum, they thought a best practice example with other non-SharePoint documents would help them see the benefits.