Session 17 - Joint Expedition: Information Security and Records Management Discovering and Mapping the Unknown Together

In this session, we will provide an overview of a joint Information Security and Records Management inventory project we are undertaking at the Washington State Department of Enterprise Services. This project is an extensive effort to identify and document where information is located in our agency, along with its retention requirements, privacy/data classifications, essential/vital records and disaster recovery needs, and security requirements.

While this began as a Records Management effort, it quickly became apparent that Information Security could add valuable insight and information to the inventory, and, in turn, could benefit from the information Records Management was gathering. The resulting joint project is a prime example of how records management, information security, and IT, need to work together in order to fully understand and grapple with the complete universe of information within our organization, while still accomplishing our own individual responsibilities around information control.

We will discuss the project background and how it morphed into the encompassing scope it has now, our approach and lessons learned, the intended outcome(s), the tools we are using, and the overlap between information security and records management goals.

This session will provide a real-world example(s) of how our organization dealt with the ever-overlapping worlds of privacy/information security/records management, as well as how we used an off-the-shelf tool to do so.

Target Audiences: Federal, State/Tribal, Local, Public Institutions of Higher Learning

Focus Areas: Records Management, Technology/Tools

Presenters: Rachel Thompson, Records Manager/Officer, Washington State Department of Enterprise Services, and Paula Leap, Information Security Operations Specialist, Washington State Department of Enterprise Services