EXECUTIVE OFFICE OF THE PRESIDENT

ROUTING AND REMARKS TRANSMITTAL

NAME OF ORIGINATOR Steve McDevitt

CODES

A-Action

C - Concurrence O-Other

R -- Review

S -- Signature

PHONE 56403

. 1

TO

Concur. No.

-

DATE 1/24/2003

OFFICE EOP/ONCIO/CR&SE

Subject

Electronic Communications Records Management System

Deadline Date

CODE DATE IN DATE INITIALS REMARKS
OUT (Use back of form for continuation)
C u/IIJ /;/lb
z.tJ.:r~ 'f""v t-lb ~ "_JA.., l-A.&,_£'
R
C ~1;
It t; 6cs ['7
. ')
R 1,1/V7 ''/
\ ".v;, R

- R
?/r/01
R
Z/o/o, ~~3
- C S

A

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047809

Executive Project Tracker Project Justification

10 159

Project Title ~RMS Re-design

Group ICR&SE

O&M

I

CIP

I

Other

I

Emergency

I

Total

Organization Group: Concepts, Requirements & Systems Engineering Directorate

Project Manager_

Support Area: Messaging and Scheduling

Project Description: ~ Funded The Automated Record Managment System (ARMS) is the EOP automated method for capture, formatting, and storage of presidential and federal record email. As part of the Armstrong consent decree, EOP committed to replacing ARMS with a more robust system that would improve and streamline EOP record management processes and provide compliance with Armstrong strictures.

Cost Detail:

O&M

CIP _. software and services; ~ardware

Other

Carry-over from FY02 CIP

Emergency

Customer Need I Mandate:

In Order to comply with the Armstrong consent decree, the EOP needs a state of the art electronic record management system to enable controlled, automated electronic mail records managent.

Result:

The delivered system will provide automated compliance with Armstrong guidelines and facilitate controlled, record managed e-mail services within the EOP. Additionally, improved e-mail search, indexing, and formatting for archival storage should be enabled.

Benefit! Return on Investment:

Improved e-mail management, capture, search, storage, and control should result from this effort. Compliance with legal mandates will also result.

Impact if not funded:

If not funded, existing issues with electronic mail record management will go unresolved. This could open the door to additional legal proceeding for the EOP.

FY03 Printed: 1/27/03 10:18:52 AM

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047810

EXECUTIVE CORRESPONDENCE

EXECUTIVE OFFICE OF THE PRESIDENT

OFFICE OF ADMINISTRATION WASHINGTON, D.C. 20503

January 24, 2003

MEMORANDUM FOR SPECIAL ASSIST ANT TO THE PRESIDENT AND

DIRECTOR, OFFICE OF ADMINISTRATION

FROM:

SUBJECT:

APPROVAL FOR OBLIGATION OF FUNDS FOR THE IMPLEMENTATION OF THE EOP ELECTRONIC COMMUNICATIONS RECORDS MANAGEMENT SYSTEM

Purpose: To obtain approval for of the development and implementation of the EOP Electronic Communications Records Management System.

Background: The purpose of this project is to replace the existing Automated Records Management System (ARMS) system with a new system that significantly improves the functionality, performance and capacity and reduces operational overhead.

The ARMS system was implemented in 1994 to meet an urgent requirement for the capture and management of E-mail records within the EOP. The system was never intended to be the longterm strategic solution. Because of the changes in technology, the increasing use of E-mail and other forms of electronic communication and other operational risk factors, it is becoming increasingly necessary to replace the system.

The EOP Electronic Communications Records Management System (ECRMS) project will be divided into two phases. Phase I will include analysis and requirements specification, an analysis of Cornmercial-Off- The-Shelf (COTS) products to identify existing products and solutions that can satisfy the requirements and constraints, a build-verses-buy analysis, and a recommendation and high level design on the selected solution. Phase II will include the

. detailed system design, system engineering and development, system testing and deployment and user and operator training.

The contractor for Phase I will be selected with a limited competition negotiated procurement process where at least three but not more than six vendors are selected to participate. The participating vendors will be selected based on their known capabilities in implementing electronic records management systems. The basis of selection will be vendor experience, past performance and price. The procurement process for Phase II will be similar to Phase I, except that the vendors may be different. The participating vendor decisions for Phase II will be dependent on the decisions and high-level design of Phase I. These decisions will determine whether or not the implementation is a COTS integration effort or a custom development effort. The procurement for Phase II will be adjusted appropriately.

DO NOT WRITE ON THIS COVER AS IT IS INTENDED FOR RE-USE RETURN IT WITH THE FILE COPIES TO ORIGINATING OFFICE

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047811

The Concept of Operations (CONOPS) for the EOP Electronic Communications Records Management System has been completed by the Office of the CIO. This document describes the current ARMS system implementation, the operational risks of the existing environment, the justification for a strategic solution, the high-level requirements for the new system and the operational and organizational impacts of the new system.

Related Acquisitions/Projects: None

Recommendation: I recommend your approval for the obligation o~n FY02 CIP for the initiation of Phase I. Any remaining funds will be used for the Phase II.

Approved __;Disapproved Date _

Comments:

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047812

EOP ELECTRONIC COMMUNICATIONS RECORDS MANAGEMENT SYSTEM

CONCEPT OF OPERATIONS

THE EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF ADMINISTRATION

OFFICE OF THE CHIEF INFORMATION OFFICER

FEBRUARY 11,2003

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047813

Records Management System

Date: Februa

Table of Contents

1.0 Scope 1

1.1 Identification '" 1

1.2 Document Overview '" 1

1.3 System Overview 1

1.4 Reference Documents : 2

2.0 Current System 3

2.1 Background, Objectives, and Scope 3

2.2 Operational Policies and Constraints 4

2.3 Description of the Current System 5

3.0 Justification For and Nature of Changes 10

3.1 Justification for Changes 10

3.2 Description of Desired Features 11

3.3 Changes Considered But Not Included 12

4.0 Concepts for the Proposed System 13

4.1 Background, Objectives, and Scope 13

4.2 Operational Policies and Constraints 13

4.3 Description of Proposed System 14

4.4 Modes ofOperation 16

4.5 User Classes 17

4.6 Support Environment 17

5.0 Summary of Impacts 18

5.1 Operational Impacts 18

5.2 Organizational Impacts 18

5.3 Impact During Development 18

6.0 Analysis of the Proposed System 20

6.1 Summary of Improvements , 20

6.2 Disadvantages and Limitations 20

7.0 Glossary 21

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047814

Records Management System

Date: Februa

1.0 Scope

1.1 Identification

This document is the Concept of Operations (CONOPS) for the Electronic Communications Records Management System for the Executive Office of the President (EOP). This is sometimes referred to as the E-Communications Records Management System or ECRMS.

1.2 Document Overview

This document provides the following:

• Description of the current EOP electronic communications records management operational situation

• Analysis and determination of the necessity of improvements or replacement of the

current system

• Identification of the risks and issues associated with the continued use the current system

• Justification of the necessity of the implementation of a new system

• High-level requirements necessary to support the operational, regulatory and legal requirements for the retention, retrieval, delivery and disposition of electronic records.

1.3 System Overview

The current system in use for the management of electronic records in the EOP is the Automated Records Management System (ARMS). This system was implemented in 1994 as a solution for the retention and management of electronic communications for the EOP. It is important to note that ARMS is the records management system that is only a part ofthe overall electronic records management approach of the EOP. Other systems and system components (i.e. ARMSMON, ARMSSCAN, etc.) have been created to provide the transport and interface mechanisms from other record producing systems (e.g. Lotus Note Email) to ARMS.

The complete EOP electronic records management environment includes components for the capture of E-mail records, mechanisms for the transfer of records between systems, the online storage of these records, a facility for searching and retrieving the stored data, a process for responding to requests for information (i.e. Freedom of Information Act (FOIA) Request, subpoenas), and a process and facility for extracting, formatting and delivering records to the National Archives and Records Administration (NARA).

The system is currently used by the EOP for the collection, retention and processing of Lotus Notes based E-mail messages, and any other form of electronic communication that uses Lotus Notes as the E-mail transport mechanism.

The current implementation allows the users on the Lotus Notes E-mail platform to designate whether or not a message is a record. This activity is performed by the user when the E-mail is created. If it is designated as a record, it is determined to be federal record or presidential record based on the originator and addressee of the message. A single message can be both a presidential record and a federal record; this determination is based on the organization of the originator and the addressees. If the message is designated as a non-record by the originator, an additional review of a statistical sample occurs to verify that messages are appropriately designated as non-record. This review process is conducted by designated personnel in each EOP component.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047815

Records Management System

Date: Febru

The ARMS and the supporting systems were developed to meet an urgent need to preserve E-mail records. These systems were implemented quickly and it was never the intention that the initial implementation of the systems was to be the strategic long-term solution for the management of specific types of electronic records. The system was implemented using resources and technologies that were present-at-hand. The system uses the operating system utilities for the management, access, search and retrieval of data and the file system for the storage and access control of the data. The current implementation does not utilize any special search tools or database management system. The current implementation processes more than 1 million E-mails per month.

Over the past few years the EOP has experienced a number of significant problems with ARMS and the associated supporting systems. These problems or anomalies (Mail2, Letter D and Multi-Host) have resulted in various situations where E-mail was not being appropriately captured and archived by the system. The system has been repaired and corrective actions have been completed to restore, to the greatest extent possible, the E-mails that were not captured.

At the present time, E-mail from Microsoft Outlook / Exchange based environment used within the EOP is not stored in the ARMS environment. This E-mail is collected and is currently retained in the Legato EmailXtender environment. A project is currently underway to provide a delivery mechanism for all Outlook / Exchange E-mails into the ARMS environment.

1.4 Reference Documents

Automated Records Management System (ARMS) Standard Interface Document, updated November 2001, prepared by Tony Barry

DOD 5015.2-STD, Design Criteria Standard for Electronic Records Management Software Applications, June 19,2002

Disposition of Federal Records, a Records Management Handbook, National Archives and Records Administration, Office of Records Administration, Washington, DC, 1992

Electronic Records - Clinton Administration Management of Executive Office of the President E-mail System, Report to the Chairman, Committee on Government Reform, House of Representative, prepared by the United States General Accounting Office, April 2001

Executive Office of the President, Office of Administration, Electronic Records Management Team, "Review of Document Management and Electronic Records Management," Memorandum (April 19, 2001) for Leanne Terrell, Associate Director for Information Systems and Technology, Office of Administration, Executive Office of the President

Lotus Notes / ARMS Interface Agreement, prepared for the Office of Administration, 'Information Systems and Technology Division by Northrop Grumman, February 2, 1999

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047816

Records Management System

Date: Februa

2.0 Current System

The current ARMS system was implemented in 1994 to meet an urgent and immediate need to retain and manage E-mail records for the EOP. The system was designed and developed in-house using systems, technologies and expertise that were present-at-hand. Since that time, the system has evolved-in-place to support various E-mail system upgrades and other technical changes that have occurred in the environment and to support a greater volume of E-mail.

2.1 Background, Objectives, and Scope

The EOP ARMS system was designed to manage, store, search, monitor, retrieve and dispose of electronic records, primarily E-mail messages and attachments. Separate system components have been designed to capture all inbound E-mail messages received by EOP staff and to capture all E-mail messages originated by EOP staff in specific E-mail environments. In some cases, these E-mail messages are categorized as Presidential records or Federal records by the originator.

The purpose of the current ARMS system was to meet the requirements set forth in the Presidential Records Act (PRA), the Federal Records Act (FRA) and various Federal court decisions (e.g. Armstrong). The motivation behind the creation of the current system was to get it operational as quickly as possible. Many technology and design decisions were made based on the technical expertise, tools and systems that were present-at-hand within the EOP and the interpretation of various Federal court rulings.

The system is intended to support the storage of the retained records for an extended period of time (e.g. a two-term administration) and to support the physical separation in the storage of Presidential and Federal records.

ARMS and its associated systems are installed on various servers within the EOP E-mail systems environment and data center server environment. The current functions of these systems (ARMS and the associated supporting systems) include:

• Retention of all in-bound E-mail messages that are received by EOP users from sources external to the EOP

• Retention of all EOP staff originated E-mails messages (created in the Lotus Notes Email environment and other E-mail environments that include an interface for ARMS)

• Collecting and reformatting of retained E-mail messages for storage in the system

• Cataloging and separation of the retained E-mail messages by EOP component or office

(This allows for the effective separation of presidential records from federal records)

• Long-term storage of the retained records

• Monitoring of the records in the system

• Retrieval of records stored in the system to satisfy various types of search and retrieval requests (FOIA, subpoena, congressional)

• Creation of magnetic tapes for the transfer of records to NARA

Currently ARMS only supports the retention and processing of E-mail records from the Lotus Notes Email environment. It is capable of supporting other environments, such as Microsoft Outlook/Exchange, but the implementation of other interfaces has not yet been completed.

The current ARMS system is managed and maintained by staff members of the Office of the Chief Information Officer (OCIO) with the day-to-day operations support provided by data center operations contract personnel. The system users in the OCIO are the only users that have access and ability to perform search and retrieval requests.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047817

Records Management System

Date: Februa

Staff members from each EOP component are assigned and tasked with the monitoring and review of the non-record data associated with their EOP component. The purpose of their activity is to review a percentage of EOP staff originated E-mails that have been designated as non-record to ensure that it is appropriately designated.

2.2 Operational Policies and Constraints

Because the nature of the system and the organization of the EOP, there are a number of operational processes and policies that govern use of the system and access to the system data. These policies include:

• All search and retrieval requests of the ARMS records originate from the Office of Administration (OA) Counsel, the OA Director or the Counsel of other EOP components.

• All search and retrieval requests of the ARMS records are coordinated through the OA Counsel.

• All search and retrieval requests of the ARMS records are handled and processed by the Data Center and Operations staff of the ocro. There is no direct access to records by the staff of the EOP component.

• Each EOP component has a designated monitor that has the responsibility of reviewing and monitoring E-mail records that have been designated as non-record to ensure that the designation is appropriate.

• Daily monitoring of activity and performance of regular system functions is performed by the Data Center and Operations staff.

• Deletion of records from the system that have been transferred to NARA occurs through a manual process after the appropriate review and verification of the transferred records has been completed.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047818

Records Management System

Date: Februa

2.3 Description of the Current System

The current electronic records management system includes ARMS and a number of ancillary systems to provide 'data to ARMS. These are installed on servers within the EOP E-mail and data center server environment.

External

!&mail for:

Er@component.eop.gov

§J

Destinations

-

G.:I

NARA

Subpoena

Notes Mail Maill

Environment ~

ARMSSCAN

H-H---'

. .

.................................. __ ., .

Requester

Other Agency Request

Current EOP E-mail Records Management Environment Context Model - November 2002

ARMS Operational ARMS Monitoring ARMS Search

Suppott

Figure 1 - Current System Context Model

The major components include:

• ARMS - A set of processes for the processing, cataloguing and arranging of electronic records (e.g. E-mail messages) in the ARMS directory structure. This process creates the directory structure and moves that files to the appropriate location.

• ARMSSCAN - A Lotus Notes Server Add-In Process that is installed on each of the EOP Lotus Notes E-mail servers. This process periodically scans all internal user E-mail databases to identify unprocessed E-mail messages. Processed E-mail messages are identified as those that contain a "$Record" field. A copy of those E-mail messages that do not contain the field are forwarded to the ARMS Mail-In Lotus Notes database in the ARMS collection environment for later processing.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047819

Records Management System

Date: Februa

• ARMSMON - An application that extracts the ARMSSCAN captured E-mail messages from the Lotus Notes database and converts the records into the EOP records management format (i.e. ARMS Format). This format is composed of a set of two or more files for each E-mail message. The file types are: Header, Message and Attachment. At a minimum, Header and Message files are created. Attachment files are created if the E-mail message includes attachments. When created, these files are transferred to the file system of the ARMS Server.

• Lotus Notes E-mail Templates - A custom Lotus Notes template is installed and configured for all Lotus Notes E-mail users. This template provides a mechanism for a user to designate the E-mail message as 'Record' or 'Non-Record' and forwards a copy of the E-mail message to the ARMS Mail-In Lotus Notes database using the blind carbon-copy (bee) mechanism. This mechanism assures that copies of all E-mail messages are retained for processing by ARMS.

• ARMS Search Command Utilities - A set of Open VMS utilities and custom command files to facilitate search and retrieval of ARMS data.

• Records Management Monitoring System (RMMS) - A system that provides designated EOP staff with a facility for the review of records that have been recently processed by ARMS. The primary purpose of this system is to allow for the review ofEmail messages that have been designated as Non-Record by the originator of the message, to verify that it has been designated correctly.

• External E-Mail Gateway (whitehouse.gov) - A special process is included to collect and aggregate in-bound E-mail that is addressed to the President, Vice-President, First Lady or Mrs. Cheney. These E-mail messages are aggregated into a single file for each addressee per day. This file is forwarded to ARMS once a day.

2.3.1 Operational Environment

In 1994, ARMS was originally developed and deployed on the Digital Equipment Corporation VAX hardware platform running the VMS operating system. The systems were originally created to support the EOP ALL-IN-ONE environment. The system has since been ported and upgraded to an Alpha processor-based hardware platform running the Open VMS operating system.

The current platform for ARMS and the critical supporting systems includes:

• ARMS- ..........

,

o ARMS programs, combination of C language programs and Digital Command

Language (DCL) procedures

o File system based ARMS data store

o A two node VMS Cluster

o

o

o Disk Storage: 7.7 TB (216 x 36 gigabytes) - RAID 5 Configuration - Yields 6 terabytes of usable storage

o Compaq StorageWorks TL891 Automated DLT Tape Library Solution - 16 Drives

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047820

Records Management System

Date: Febru

o Digital TA90E Tape Drive (support for IBM 3480 tapes) - 10 Drives

• ARMSMON - SREOPOI

o ARMSMON, a C++ language application

o Intel Based Compaq Server

o Windows NT Server

o Lotus Notes

• ARMS Mail-In - SREOP02

o Intel Based Compaq Server

o Windows NT Server

o Lotus Notes

2.3.2 Interfaces to External Systems and Procedures

Various components of the current ARMS system interface with the Lotus Notes E-mail environment. ARMSMON uses an interface to Lotus Notes to extract E-mail messages that are to be processed by ARMS. ARMS also uses an interface to the Lotus Notes Name and Address Book (NAB) to retrieve the organization information of users for the proper categorization of records as Presidential or Federal. This determination is based on the organization of a particular user.

The ARMS system does not have any direct outbound external system interfaces. The records contained in the ARMS system are manually sent to NARA on magnetic tape using the pre-defined format that has been approved by NARA.

2.3.3 Operational Risk Factors

The ARMS environment was developed and deployed to meet an urgent need to preserve E-mail records. The system was never intended to be the long-term strategic solution. Because it was not the ultimate system, decisions were made to accept additional operational risks recognizing that these risks would be addressed in the implementation of the ultimate system. The operational risk factors associated with the current ARMS system include:

• Performance Risk - The performance of the current system for search operations is unacceptable. Potential Impact: A large number of search requests cannot be completed in a reasonable amount of time.

• Inappropriate Use Risk - The system lacks generally accepted access control and authorization features that limit user access to appropriate data and functions based on the role and organization of the user. Potential Impact: The data in the system is not secured.

• Incomplete Search Risk - The search and retrieval operations of the system are accomplished through the creation and execution of DCL Procedures. The search process also requires a detailed understanding of the physical arrangement of the data in the system. The erroneous or incorrect definition of the data to be search may result in incorrect or incomplete search results. Potential Impact: Search results may be incomplete because of errors on the part of the search analyst.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047821

2.3.4

Records Management System

Date: Februa

Brittle System Risk - The current system is composed of components developed in different technologies on various server platform environments. In the past, what were perceived to be minor changes have had a significant impact on the functions and performance of the system. Potential Impact: The underlying systems or system components cannot be reliably upgraded.

Platform Life-Cycle Risk - The current system is implemented on a platform that is not a strategic platform for the EOP. The platform manufacturer will begin to phase out the current platform in 2005. Potential Impact: Support for platform or system components may become scarce.

Custom Software Risk - The current system is an amalgam of custom software components developed using a number of different technologies (C, C++, and DCL). Ongoing support to ensure compatibility with other components in the environment and to provide enhancements to the existing system requires the continuous active participation of development resources in the organization. Potential Impact: Changing environment may cause incompatibilities to occur which may impact the performance of the system.

Public Perception Risk - Additional system problems or "Anomalies" will support the public perception that the organization is unwilling or unable to support and manage the basic systems for the effective operations of government. Potential Impact: Negative perception and additional expense to make corrections.

Operations Personnel Risk - A limited number of personnel have a working knowledge of the system. Potential Impact: Loss of key personnel will have an impact on the operations of the system.

Performance Characteristics

There are two significant aspects of performance of ARMS. The performance of processing new ARMS records (the initial processing of E-mail messaged) and the performance of search and retrieval activities against the ARMS data.

ARMS currently processes an average of 1.1 million (average volume of the first 9 months of 2002) Email messages per month. The volume of E-mail processed by ARMS has increased by over 61 % in the last year (from about 667,000 to over 1.1 million E-mails per month). The current system is able to adequately support this current volume of E-mail.

The performance of searches of the ARMS data is unsatisfactory. The current ARMS search process requires hours and sometimes days of system processing time.

2.3.5 Security Characteristics

The ARMS hardware environment is located in the EOP data center. Physical access to the systems is limited to authorized personnel. The system level security features rely on the OpenVMS security access control mechanism. ARMS does not utilize any other fine-grained system access control and authorization mechanisms.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047822

Records Management System

Date: Februa

2.3.6 Quality Attributes

Generally, the current ARMS implementation fails to meet the generally accepted system quality attributes of data integrity, expandability, flexibility, interoperability, maintainability, portability, and reliability. The Operational Risk Factors (listed above) describe the current issues with the system. These factors provide ample information regarding the current ARMS implementation and provide evidence that the generally accepted system quality attributes are not met.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047823

Records Management System

Date: Februa

3.0 Justification For and Nature of Changes

3.1 Justification for Changes

The motivating factors that have caused this examination of the current electronic records management capabilities of the EOP are numerous. The most significant of these include:

• A more focused awareness of the operating risks of the current system (described above in section 2.3.3)

• The need for greater flexibility in supporting other types of electronic records

• New requirements and procedures that have been promulgated by NARA and the need to have the ability and flexibility to support their future requirements

• Increase availability of Commercial-Off- The-Shelf (COTS) products that may meet many of the electronic records management requirements of the EOP

• Desired alignment with the new EOP IT Strategy and Enterprise Architecture (EA)

The EOP is required (by regulation and by Federal court decisions) to support a complex and unique set of electronic records management requirements. Although the current EOP electronic records management environment may provide support for many of these requirements, it does not support them in an efficient and effective manner or in a manner that is consistent with current systems engineering principles and practice. This situation, along with new requirements and the increasing use of electronic communications and electronic documents within the EOP requires action to be taken to ensure that adequate support is provided to meet the electronic management needs of the EOP. It has become necessary to significantly improve the electronic records management capabilities of the EOP.

Given the current situation, there are three possible alternatives:

• Stabilization of Current Systems and Incremental Improvement to Incorporate Additional Functionality

The stabilization of the current environment would require a significant development effort to correct the current system deficiencies and to upgrade the system components to support the current versions of the E-mail infrastructure of the EOP. An additional development effort would be required to implement some advanced features to support new NARA regulations, an improve system security architecture and increased system performance. This solution would also require continued development resources to provide support and enhancements to the environment.

• Replacement of Current Systems with Custom Developed Environment

This alternative is the custom development of a completely new system to support the EOP electronic records management requirements. This alternative would include the use of state-of-the-art database, search and retrieval tools and current systems development technologies. It would also include system interface capabilities for the efficient use of the system. This solution would require continued development resources to provide support and additional enhancements to the environment.

• Replacement of Current Environment with COTS or COTS Component Integration This alternative requires the selection of a single COTS product or a set of integrated COTS products to support the EOP electronic records management requirements. The core of this solution would be COTS products. An integration development effort would still be required.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047824

Records Management System

Date: Februa

The COTS solution is the preferred solution. The reasons for this position include:

• Custom developed solutions are used only when warranted and justified (or when COTS solutions are not available)

COTS solutions provide wider platform support and increase platform stability

COTS vendors provide better and more timely support of changes and upgrades to underlying server, operating system and database platforms

COTS vendors specialize in application development and provide more thorough testing of the products and tend to provide better support for industry standard technologies, and interface and integration mechanisms

The selection of certified COTS products (e.g. DoD 5015.2) often times enables us to be compliant with regulatory requirements.

The use of COTS products, which comply with the EOP Enterprise Architecture and the technical direction of the EOP, may significantly reduce the effort required to develop, test, and deploy the system.

If it is determined that COTS products cannot provide the all functionality necessary to address the necessary requirements, then additional analysis, requirements and product review and system design may be necessary to address the deficiencies. If possible obtaining vendor support for the incorporation of new functions into the released COTS product is a viable option.

The selection of a COTS solution does not eliminate the need for development and testing resources. Careful consideration must be given to the time and skills needed to integrate COTS components into the environment. The development staff must specify, design, implement, test and document the software that will support COTS integration. When constructing COTS integration software, it may be necessary to verify COTS specifications and performance through unit testing or with prototypes.

3.2 Description of Desired Features

The goal of the implementation of the electronic records management system is to provide an integrated, flexible and robust system that supports the EOP legal, regulatory and policy requirements. The system should include the following features:

• Flexible environment that allows for the addition of new types of electronic records

• Use of industry standard data mechanisms (e.g. XML)

• Flexible integration with various types of systems that are the source of the electronic records

• Support for various types of electronic records (E-mail, E-mail with attachments, electronic document, instant messaging, image, audio and video, etc.)

• Support for various types of electronic formats including all word processor, spreadsheet, presentation and other widely used document formats (Microsoft Word, Excel, PowerPoint, Adobe PDF, Postscript, etc.)

• Flexible web-based user interface

• Efficient search mechanism for simple and advanced searches, including the searching of attachments

• Acceptable performance for processing retrieval requests

• Management reporting capabilities

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047825

Records Management System

Date: Februa

Robust production quality operational model that provides effective operations support mechanisms and processes to ensure the completeness of the retained records

Security architecture that is compliant with the EOP Information Assurance Security Policy and industry best practices

Policy and role bases system access and authorization support to provide fine-grained access support to users and user groups

A standard platform that is consistent with the EOP Enterprise Architecture activities and the strategy of the Office of the CIO

Complete data and activity audit trail support

Extraction and electronic data transfer features that allow for the delivery of specific records to satisfy retrieval requests

Scalable platform that will support the increasing volume of electronic records Efficient support of FOIA requests

DoD 5015.2 Certified platform

Integrated system recovery and rollback capabilities

Support for a high-availability, fault-tolerant and intrusion-tolerant environments. Support for the business resumption and disaster recovery environment of the EOP

These high-level features are only a representative set of the features, requirements and constraints of the electronic records management environment for the EOP. The detailed definition and analysis of the legal, regulatory and business requirements of the system, as well as the assignment of priorities for these requirements will be determined during the requirements analysis process.

3.3 Changes Considered But Not Included

Other options were considered but have not been included in this analysis since they failed to provide an effective solution to meet the goals and direction of the electronic records management solution. These options included:

• Revert to a Manual Paper-Based Records Management Process - Although this is an option, it is not a viable option. It would be a large burden on EOP personnel, it would require additional personnel to manage the large volume of printed E-mail and the mechanism used to print each E-mail would have to include all the necessary information. It would also make responding to subpoenas and FOIA requested extremely difficult.

• Do Nothing - Leaving the current ARMS system in place and simply providing the necessary system maintenance (e.g. add additional disk storage capacity) is an option. However, following this path would not address any of the significant operations risk, policy and regulatory issues that exist with the current system.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047826

Records Management System

Date: Febru

4.0 Concepts for the Proposed System

4.1 Background, Objectives, and Scope

The new Electronic Communications Records Management Systems (ECRMS) will be implemented to support the legal, regulatory and policy requirements regarding the collection, management and use, and disposal of electronic records within the EOP.

One of the primary goals of this effort is to provide an efficient and effective solution to meet the current Electronic Records Management needs and a solution with the flexibility to support the future needs of the EOP.

4.2 Operational Policies and Constraints

The system shall be designed and implemented to support appropriate EOP operational policies and constraints. These include:

• Designed and implemented in accordance with the strategic technology and architecture decisions of the EOP Enterprise Architecture

• Implementation consistent with the EOP Information Assurance Security Policy, with special consideration given to the operational access to system data to various EOP personnel

• Operated in the EOP Data Center with minimal oversight and system management

• Support for Office of Administration Directives for the processing of E-mail search and retrieval request and for the removal of electronic records data from systems

• Platform, technology and system design decisions that allow for the implementation of future NARA requirements for the management and transfer of electronic records.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047827

Records Management System

Date: Februa

4.3 Description of Proposed System

The following is a high level description of the significant functions of the system. It is not intended to be an exhaustive list of the system functions and requirements. A complete requirements analysis will occur as part of the system implementation process.

E-mail FROM External Sources and

TO External Destinations

Proposed EOP Electronic Communication Records Management System Context Model - December 2002

10-01 ~
XML NARA
T

External
Requester
(subpoena)
*
FOIA
Requester
T
Other Agency
Requester Notes Mail Environment

OuUook I Exchange Mail Environment

Enterprise Messaging Environment (Future)

Electronic Document Collaboration (Future)

....................................

· .

· .

· .

Other Electronic Records System {To Be Determined}

Operational Support

Records Manager

Search &. Retrieval

Figure 2 - Proposed System Context Model

The initial list of critical non-functional requirements includes:

• Implemented on a commercially-trusted platform

o Hardware platform

o Operating System

o Database System

o Web and Application Server (if necessary) • Security

o Robust user identification and authentication and data access controls

o Support for a complex data access strategy where authorized users have access to appropriate subset of data.

o Support for role-based authorization to system functions

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047828

EOP Electronic Communications Records Management System t of 0 erations

Date: Februa

o Completed audit and user activity logging • Stability and Performance

o Stable system capable of maintaining an uptime of near 100%

o Support for the complete electronic records storage requirements for a complete administration (up to 10 years minus 1 day)

o Ability to perform searches in a reasonable amount of time, minutes rather than hours or days (The detailed performance requirements will be determined later).

o Support for complete system reporting while the system is in normal operating mode.

The initial list of critical functional requirements includes: • Capture / Collection Interface

o An integration mechanism for each source records system (e.g. each E-mail environment) will have to be implemented to support the transfer of records to the records management system.

o Well-defined interface for the capture / collection / transfer of electronic records from the source system to the records management system

o Support for various record types, including Esmailc E ... mail with attachments, instant/enterprise messaging, and electronic documents.

o Use of standard data structure mechanisms (XML)

o Include mechanism for the reconciliation of record data with the source system.

A reporting process or automatic reconciliation function to verify that all records have been received by the system.

• Categorization of Records

o Presidential or Federal based on the person and organization of the author / originator and addressee(s)

o Record or Non-Record (This may not be implemented in the initial implementation due to the constraints of some of the E-mail systems)

o Mechanism for the evaluation and re-evaluation of records to provide better categorization. This is for future categorization of records that have been previously captured. An example of this function would be to categorize administrative messages (i.e. announcements about new members of the staff or retirements) appropriately.

• Search and Retrieval

o Efficient search mechanism that does not require programmatic development in

order to execute a search

o Simple and advanced search capabilities

o Search header, message, attachments or meta-data individually or in combination

o Search a specific subset of the data (by EOP component or office)

o Search a specific data range

o Search for a particular originator or addressee

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047829

Records Management System

Date: Februa

o Search the contents of attachments (this may only work for unencrypted content in standard recognizable file formats)

o Boolean searches (use of the Boolean operators AND, OR, and NOT)

o Wildcard searches (use the wildcard symbols "*,, and "?" where the "*,, replaces

multiple characters and "1" replaces a single character) .

o Searching for phrases (multiple words adjacent to each other in the text)

o Fuzzy searching (when the exact spelling is not known)

o Searching in a specific Field

o Numeric searches (on numeric fields, use of the numeric comparison operators >,

<, =, >=, <=, <»

o Proximity searches (the ability to locate two words or phrases occurring within a specified proximity (words, lines, sentences and paragraphs) of one another along with option modifiers (before, after, on-either-side-of, in the same word, line, sentence, paragraph)

o Date searches (on date fields, evaluation of date value in various date formats)

o Ability to save the search request and the corresponding result set

o Flexibility in the format of the search results

o Ability to order search results based on certain fields

o Save results in formats that support the easy distribution and use of the results • Extraction and Disposition

o Facilities for the extraction of records (Federal and Presidential) for transfer to NARA

o Facilities for the regular disposition of non-records according to the guidelines and record schedule of the EOP

4.4 Modes of Operation

The Electronic Communications Records Management System shall support the following modes of operation:

• Record Acceptance and Collection - The system shall provide the necessary functions for the continuous, secure, complete and efficient collection of all appropriate electronic records. In this mode the system shall be in an "always-on" mode available to receive electronic records from various source systems.

• Records Search and Retrieval - The system shall also provide the functions for the execution of searches on all or a subset of the records stored in the system.

• Record Extraction and Disposition - The system shall support an efficient mechanism for the extraction and transmittal of electronic records (Presidential and Federal) to NARA.

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047830

Records Management System

Date: Februa

5.0 Summary of Impacts

The implementation of the proposed system improves the operational situation related to the management of electronic records within the EOP. One of the primary goals of this new system is the reduction of the operational risk factors that exist with the current system. Through the elimination of the existing operational risk factors, the EOP will be able to reduce the poor public perception risk that exists because of our past performance in the management of electronic records. Also, through the implementation of a solution on a commercially trusted platform using commercial-off-the-shelf (COTS) product, the EOP may be able to reduce the life-cycle costs of the system.

5.1 Operational Impacts

The operational impacts of the new Electronic Communications Records Management System include:

• Improved operational stability by using commercially-trusted platform components (operating system, database, application server)

• Increased efficiency in the execution of search and retrieval requests (FOIA, subpoena, internal search requests)

• Efficient system management process

• Improved user efficiency through the use of accepted standard system user interface mechanism

• Compliance with EOP Information Assurance policy, standards and procedures

5.2 Organizational Impacts

The organization impact of the implementation of the new Electronic Communications Records Management System will include:

• Greater accessibility to electronic records for other agencies within the EOP

• Alignment of responsibilities that allows for the records management staff to have access to the system without the need of technical resources. The current system requires a high level of technical knowledge

• Reduction in the support of the system by technical staff within the Office of Administration. The goal is to eliminate the need for technical staff to perform all search and retrieval operations

• Training for the new system must be provided, especially for the search and retrieval' and reporting capabilities ofthe system

• Operations training will be required for the training on the daily operations and troubleshooting of the system and training on the periodic maintenance activities that are necessary for the continued use of the system

5.3 Impact During Development

During the initial analysis and design phases of the project, appropriate review and approval by various parties will be required. This is due in part to the complex legal and regulatory nature of the system, as well as the awareness of some of the operational risks of the current system. The design of the system must be reviewed and approved by the Office of Administration General Counsel, Director of Information Assurance, Director of Concepts, Requirements and Systems Engineering and the Director ofIS&T.

FOR OFFICIAL USE ONLY

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047831

Records Management System

Date: Februa

The operational impact during development and implementation phases should be minimal. The current electronic records management environment will continue to operate and collect records. Once the new system is in place a data migration and conversion process will be necessary to move the existing ARMS records into the new systems environment.

It may be necessary for the parallel operation of new and existing system to occur to ensure that all appropriate testing and evaluation is completed prior to the termination of the processing of the current system.

FOR OFFICIAL USE ONLY

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047832

Records Management System

Date: Februa

6.0 Analysis of the Proposed System

6.1 Summary of Improvements

A brief summary of the benefits of the proposed system includes:

• Greater accessibility to the records stored in the system. If desired, each EOP component or office could have access to their record data.

• Stable operations platform

• Operational efficiency from the use of commercially-trusted and stable system infrastructure and components. Less technical expertise will be required to operate and maintain the system

• Improved performance in search and retrieval activities because the platform will be designed to support the searching and retrieval of records from a large records data store

• Improved ease of development and system enhancements with the use of" standard interface

mechanisms and protocols such as XML and HTTP

• Greater flexibility in the extractions of records to meet the specific needs of requesters

• Improved system security

• Improved user and system activity auditing

• Greater ability to support new electronic record types

• Greater flexibility to support the changing NARA requirements as they define new rules for the transfer of records

• Requires less EOP personnel to support and maintain the system

• Hardware and software platform that is consistent with the EOP Enterprise Architecture

6.2 Disadvantages and Limitations

In the analysis of the proposed new system, no significant disadvantages have been identified.

FOR OFFICIAL USE ONLY

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047833

Records Management System

Date: Februa

7.0 Glossary

ARMS Acronym for Automated Records Management System

Concept of Operations

A user-oriented document that describes a system's operational characteristics.

CONOPS

Acronym for Concept of Operations

Constraint

An externally imposed limitation on system requirements, design, implementation, operations or on the process used to develop, implement or modify the system.

ECRMS

Acronym for Electronic Communications Records Management System

NARA

Acronym for National Archives and Records Administration

Nonrecord

Nonrecord materials are those Federally owned informational materials that do not meet the statutory definition of records (Section 3301 of reference Cd)) or that have been excluded from coverage by the definition. Excluded materials are extra copies of documents kept only for reference, stocks of publications and processed documents, and library or museum materials intended solely for reference or exhibit.

ORM

Acronym of the Office of Records Management

Presidential Record

The term "Presidential records" means documentary materials, or any reasonably segregable portion thereof, created or received by the President, his immediate staff, or a unit or individual of the Executive Office of the President whose function is to advise and assist the President, in the course of conducting activities which relate to or have an effect upon the carrying out of the constitutional, statutory, or other official or ceremonial duties of the President.

Record

Records include all books, papers, maps, photographs, machine-readable materials, and other documentary materials, regardless of physical form or characteristics, made or received by an Agency of the United States Government under Federal law or in connection with the transaction of public business and preserved or appropriate for preservation by that Agency or its legitimate successor as evidence of the organization, functions, policies, decisions, procedures, operations, or other activities of the Government or because of the informational value of the data in them. A record covers information in any medium, and includes operational logistics, support and other materials created or received by the agency.

FOR OFFICIAL USE ONLY

GEORGE W. BUSH PRESIDENTIAL RECORD

OAP00047834

Sign up to vote on this title
UsefulNot useful