Yet another aspect of compliance is about to loom large on the chief information officer (CIO) agenda.

Recent changes to Federal rules of civil procedure governing lawsuits in the US will have big implications for UK CIOs who also operate Stateside.

The procedure raises questions about how an organisation handles electronic evidence and ­ alongside other legislation ­ requires companies to be able to locate relevant information wherever it is stored.

Software that is used to automate the so-called e-discovery process is starting to arrive on the market.

Eventually CIOs will be able to look to a single system capable of automating the whole spectrum of consolidated archiving, analytics and real-time policy management.

E-discovery software could best be described as being a linguistics engine with specialist tools that analyse words and the construction of phrases and sentences in stored, unstructured text files.

Such applications are fronted by a deliberately simple user interface, so that any business user could carry out searches in natural language. E-discovery software is ultimately capable of searching and discovering information held, not only in documents and applications, but in voice and video records as well.

Regulatory and judicial bodies recognise the area is enormously complex. The unique characteristics of electronic data, compared with paper records, present unprecedented challenges for the CIO.

But start to examine electronic information and records management from the three different perspectives of legal, records management and IT, and it quickly becomes clear that software tools are only part of the issue.

Obligations of the litigation process ­ such as the duty to preserve information that is, or may become, discoverable ­ differ greatly from the operational needs of data storage, where data deletion and destruction is a real and acceptable stage in the information lifecycle.

The Sedona Guidelines, Best Practice and Commentary for Managing Information and Records in the Electronic Age, is a good starting point for anyone wanting to familiarise themselves with the extent of the problem.

CIOs will require a practical, flexible and scalable approach to address the differences in an organisation’s business needs, its operations, the IT infrastructure and emerging regulatory and legal responsibilities.

For some, such an approach could favour a centralised function for compliance, while others may opt to delegate significant responsibilities to individual employees, before turning on automation to identify and maintain records.

But for now it is clear that no single standard or model will fully meet an organisation’s information and records management policies and procedures.

Nick Kirkland is managing director of CIO Connect, a leading forum for chief information officers and chief executives

The debate over whether or not IT departments should hand over more control to users seems to be a thorny issue for many technology leaders.

While the rapid evolution of consumer and internet technologies is undoubtedly opening up new opportunities for people to work more flexibly, productively and collaboratively, it is presenting IT departments with big challenges in terms of security and systems management.

Nevertheless, in most organisations the positive argument is winning the day.

In a recent CIO Connect members’ poll, almost seven out of 10 members agreed that IT departments should pass more control to users.

The word control, of course, could imply a number of things. It could mean that individual users are allowed to choose, own or manage the devices with which they connect to the corporate network, whether physically or virtually.

Control could mean users are able to use the software and online tools
of their choice, or it could mean they are given the ability to develop their own systems, services or processes, largely independent of the IT department.

Among businesses that rely on knowledge workers, IT should be doing all it can to provide staff with the flexibility to carry out their jobs as productively and efficiently as possible, without compromising security, performance or resilience.

The problem is that giving up entral control inevitably means accepting a higher level of risk for the organisation.

Of course, there are steps you can take to minimise that risk ­ such as having clearly defined security policies, effective training and good governance.

But, however you cut it, giving over more control to users means accepting you will have less control within the IT department.

CIO Connect members are fairly clear about the nature of the issues: “Retaining IT function control is too often a job creation scheme for the IT function and distracts from other uses of resource that add value to the organisation,” said one member.

Another commented: “Given the right level of training, the best systems and a culture of empowerment, it should be possible to give a high level of control back to users. What seems to happen, though, is that one of those variables is missing and the opportunity is lost.”

The biggest factor likely to exacerbate the debate over the next few years will be the influx into the workforce of a young, tech-literate and web-savvy generation who have grown up using consumer technologies.

If companies are to attract the most talented people in future, they will have to be able to demonstrate they understand this new world by giving those users the freedom to work effectively ­and collaboratively ­within it.

Nick Kirkland is managing director of CIO Connect, the leading forum for chief information officers and IT executives.