Here's a 350 word explanation of the premise behind Assured Federated Records Management. I am working on a longer, more explicit description.

The promise of federated records management is the ability to manage all of the records in your enterprise from within a single system, BUT, Federated Records Management solutions are destined to fail for one primary reason…

In a federated environment the master records system needs to make content in the remote systems immutable. In 95% of cases, the remote systems do not support the ability for an external system to make their content immutable, in fact most of them do not even understand the concept of immutability – take the ubiquitous file system for example. The net result is that while the master records system thinks it has made the remote content immutable there is often nothing to stop a privileged user from changing or deleting that content – without your knowledge. You are potentially losing records and you have no way of knowing that it happened – the courts are very unsympathetic if a company cannot show that they are retaining records across all systems.

The “FRM Assurance Integrity” engine accepts these inherent problems as being unavoidable. The engine runs as a background process and periodically checks the integrity of the objects in the remote systems. It is able to tell whether the remote content has been changed or deleted and notify the appropriate parties. How does this knowledge help us? We get a chance to discover and deal with the root cause – was it the intentional destruction of records, a rogue process or an over zealous system admin? We can then stop the problem re-occurring and restore records from backup if necessary. More importantly we have a rolling audit trail that shows auditors or the courts that our federated systems are working correctly.

An additional benefit of the integrity assurance engine is the ability to use not just technology for your federated records solution; you can also use manual processes. You can now use training and change control processes to stop people from changing records in systems and then reply on the assurance engine to monitor adherence to those policies.