Case study: SharePoint 2010 implementation at the Police Integrity Commission

Background

The Police Integrity Commission (PIC) had a document management system that was built in-house approximately 10 years ago. As part of an IT strategic planning exercise in 2012, a number of PIC managers identified a range of limitations with the system:

The search functionality was poor so users found it difficult to locate documents of interest.
Capturing a document was a manual process, requiring a user to enter information into a significant number of metadata fields and choose a document type (each of which was mapped to relevant classes in retention and disposal authorities). The varying quality of information entered and the difficulty users found in identifying an appropriate document type impeded the PIC’s ability to automate the sentencing and disposal of documents.
Much of the metadata captured did not have a 1:1 relation to the document, resulting in inaccuracies or lack of detail.
The system had no version control. A process was implemented to enable users to manage different versions of a document together under a single document description, however as a manual process it was prone to error.
The system was initially configured with drag and drop functionality for email messages. After an upgrade of Microsoft Office in 2010 this functionality ceased working, and users were required to first save a message locally and then drag and drop it into the system. This process discouraged users from capturing messages appropriately.
The system had generally poor capabilities for tracking internal physical dissemination of documents.

Why SharePoint?

In choosing a replacement document management system, the PIC considered SharePoint 2010 alongside two electronic document and records management systems (EDRMS). Ultimately the PIC chose to implement SharePoint for a range of reasons:

Cost – The two EDRMS considered were significantly more expensive to implement than SharePoint in terms of their licensing costs as well as development and maintenance costs.
Compatibility – The PIC uses a variety of other Microsoft products and software, including a custom case management system (CMS) based on Microsoft CRM. It was a requirement that the replacement document management system integrate with the CMS. Because both the CMS and SharePoint are Microsoft products, integration is straightforward. As part of its research into replacement systems the PIC learnt that other organisations using the same CMS had experienced difficulties integrating it with non-Microsoft systems.
Functionality – Collaboration and search functionality were identified as key attributes of the replacement system. The PIC researched the ways in which the two EDRMS had been implemented by agencies with similar functions and responsibilities, and concluded that SharePoint provided superior collaboration and search functionality.
Usability – The PIC does not want to burden users with onerous records management responsibilities. SharePoint can be configured to automate many recordkeeping tasks, such as creation of metadata. The two EDRMS considered required significant manual metadata entry by users.
Maintenance – The PIC wishes to manage its document management system in-house, rather than relying on external contractors. The PIC has two employees with experience in Microsoft development. The PIC has no in-house expertise with either of the two EDRMS considered.

SharePoint implementation

The PIC is implementing SharePoint 2010 together with RecordPoint (for records management), OnePlaceMail (for email capture) and Ontolica Enterprise Search (for enhancements to search).

SharePoint architecture

The SharePoint architecture was designed around addressing the key concerns with the existing EDRMS whilst retaining as many of the familiar concepts as possible. The core requirements of each business unit, with a particular focus on the Registry as the system owner, were identified during planning sessions at the beginning of the project, and then refined further during user testing.

The implementation consists of a single Site containing Document Libraries (which are largely hidden from users). Each document library contains Document Sets. This structure was chosen to minimise the administration of the implementation and to maximise its performance.

A new Document Set will be created for each project or piece of work commenced by the PIC (referred to as ‘matters’). For example, a Document Set will be created for an investigation into a police officer, a project to implement a replacement document management system and the management of the employment of a PIC employee.

SharePoint governance and functionality

Content Types

The PIC has defined 12 Content Types, each of which is mapped to a retention period and disposal action. The PIC decided to ‘roll up’ retention periods instead of defining a Content Type for each class of records in relevant retention and disposal authorities.

Templates

A user generally creates a new document using a template that is associated with a Content Type. Most of the metadata for a document is automatically generated, based on the information a user enters into a small number of fields in the template (e.g. the document title will be generated by the information entered into a title field) and the user’s role within the organisation.

Security

Security is generally managed at the Document Set or ‘matter’ level. By default, all matters can be accessed by all users. However, a user can request for a matter to be restricted to particular users.

It is possible to restrict access to an individual document within a matter, if required, although this is avoided wherever possible in order to simplify administration and encourage proper sharing and collaboration.

In order to support the use of search during an investigation, PIC has configured the search functionality so that a search will return all relevant documents, including ‘hits’ on documents that a user does not have access to. The search results will return a document ID for restricted documents and a user can then request access to a document if appropriate and necessary.

The PIC has also expanded the audit functionality available in SharePoint ‘out of the box’ to log data about a range of actions performed on documents. Due to the sensitive nature of many of the documents created and kept by the PIC, these logs include the details of searches performed by users.

Protection of records

The PIC has configured its SharePoint implementation so that users cannot delete documents after they have been captured in SharePoint.

If a user wishes for a document to be deleted (e.g. because it was created in error or is a duplicate) they can request the Registry to delete the document. An audit log stores data about the deleted document, including the user’s reasons for deleting the document.

Paper and physical records

The PIC operates in a hybrid environment, with both paper and digital records. SharePoint is also used to control all physical records.

A physical record is represented by a generic document that informs a user that a paper record is available and can be accessed through the Registry. If a paper record is subsequently scanned, the image will be added to the document as Version 2.

Wiki

Users will be able to use the wiki functionality of SharePoint for collaboration and discussion purposes. However documents will be captured in the relevant Document Set, not in the wiki.

Integration with email system

The PIC has implemented OnePlaceMail to facilitate the capture of email messages into SharePoint:

Users can configure their mailbox with folders which map to particular Document Sets or ‘matters’ in SharePoint. Users can then drag and drop messages into these folders and they will be captured in the relevant matter in SharePoint. Users can choose whether to copy messages (in which case a copy remains in their mailbox) or move messages (in which case the message is deleted from their mailbox).
Each time a user sends an email message, a pop up box appears asking the user whether they would like to save the message in SharePoint. If the user chooses ‘yes’, they can nominate a relevant matter number and the sent message will be captured in that matter. The PIC is currently using this functionality to promote email capture by employees. It is likely that this prompt will be disabled when the new capture method becomes an established practice within the PIC.

Integration with case management system (CMS)

The PIC’s CMS is used to track and manage complaints and investigations:

Metadata about events that have occurred in regard to a particular case (e.g. allegation received, correspondence sent to complainant etc.) is stored in the CMS. This enables users to track the progress of a case through its lifecycle within the CMS.
Documents related to a case are stored in SharePoint but accessible from within the CMS.
Search results, by default, include relevant data f

Migration of content from previous system

The PIC migrated all documents from the previous document management system to SharePoint (approximately 700,000 documents). Because the PIC designed the previous system it was able to program the migration to also include all the available metadata for each document.

The previous document management system will be retained for a period of time to ensure that the migration was successful – only IT employees will have access to the system during this time.

Change management and training

The SharePoint implementation went live in early 2013, with selected users across the organisation using it for testing purposes. This provided an opportunity for the PIC to make adjustments to the implementation in response to issues identified by users prior to the final migration.

The PIC rolled out SharePoint to all users in July 2013 at which point the previous system was decommissioned. The PIC trained all users on the basic functionality of the implementation shortly before the rollout to maximise the effectiveness of the training. This training was mandatory, with the PIC’s Chief Information Officer directing that all employees must attend. More detailed training is planned via optional sessions that target specific areas such as advanced searching and email management.

Published August 2013

Recordkeeping Advice

Case Studies

Recordkeeping A-Z