Compliance Oriented Architectures

Both James Governor and James McGovern -- or is it the other way around? -- have been chatting about compliance-oriented architectures... or a way to add records management and retention management as a service to the enterprise as a whole. It should be an infrastructure component, and not require your records to be migrated to your monolithic records management system.

All I can say is, been there, done that, yawn.

I'd advise them both to check out Oracle Records Management Agents. Stellent's Records Management Team envisioned those three years ago, made them two years ago, and they are a big part of Oracle's Universal Records Management strategy.

You don't need to put your data into a records management repository to manage it like a record! You just need an "agent" that runs in your remote system -- email archiving server, file system, 3rd party CMS -- that "calls back" to the content server via SOA when specific events occur.

For example, Oracle's URM will block somebody from deleting an email from the archive if the retention policy won't allow it. Likewise, it will force a delete, if the retention policy enforces it.

If you don't want to move all your content into one single repository, fine! But you do need a single-point for defining retention policies... especially for large organizations with multiple email archiving systems.

Of course, innovative architectures are nothing new for the Stellent crew... we had SOA about eight years before there was a name for it. I guess we likewise had "COA" at least three years before anybody else knew it was important... and then there's the stuff I'm not allowed to talk about.

But, big snaps to the Stellent Records Management team... your architecture is finally being dubbed as the standard for others to follow. The names of the developers I'll protect so they don't get spammed, but they know who they are ;-)