The environment for many organizations today is increasingly statute- and regulation-heavy and prone to litigation. How exposed an organization is to the risk of legal sanctions and its ability to respond to audits or lawsuits is very dependent on how well the organization’s records and information are managed. This guideline provides a four-quadrant framework for understanding and assessing an organization’s risk with respect to records and information management (RIM). An organization can use this guideline and the assessment tool to identify the most critical areas of risk and where specific risk mitigation strategies are warranted.
