Data and Records Management as a Service

Many organizations do not have the necessary professional resources to adequately address the topic of data and records management. Although the problems are often known (insufficient data quality, redundancies, uncertain legal compliance), responsibilities for these issues are unclear. These are neither typical IT nor specialist topics. Information governance is a leadership discipline that usually does not have a “caretaker”, unfortunately. Consequently, overarching issues are handled within individual departments, although they should be addressed organization-wide. In addition, the expertise is often lacking.


Why not buy a service?

KRM has been familiar with the aforementioned topics for years and has gained experience from projects with organizations from all industries and of different sizes. KRM offers services that support the customer in building up internal capabilities and to competently perform the necessary tasks. The benefits of a service provided by KRM are as follows:

Immediate access to KRM’s vast experience

Know-how transfer to your own organization

Development of the necessary capabilities in your organization

Experienced contact persons from the technical level up to the board of directors (Board)

Immediate availability of know-how

Profound knowledge of methodologies and standardized procedures (MATRIO Method®)

Cost-effective, as no need to build up internal personnel resources

Coverage of all themes, from technology up to strategic information governance topics

Product know-how (ECM/DMS, Cloud, Signatures, Workflows, Compliance Tech)


Services content

While we shape the services according to your needs, we offer the following packages as an initial setup:

Document and information management

The RM Service for “Document and Information Management” provides the following deliverables*.

  • Information lifecycle management for information objects. For records and information objects, lifecycles are designed and implemented for in coordination with a file plan/ordering system.
  • Digital Asset Management
  • Business analysis for document management incl. Requirements engineering tasks (gathering and documenting requirements using common methods such as use cases)
  • Development of migration concepts
  • General consultancy on information governance.

Records Management incl. electronic archiving

The RM Service for “Records Management incl. electronic archiving” provides the following deliverables*.

  • Consultancy services on records management systems and architectures in the OAIS standard
  • Process modeling and process documentation using common methods (UML or BPMN)
  • Provisioning of technical expertise on records management and archiving systems incl. digital long-term archiving systems according to OAIS
  • Provisioning of organizational know-how on records management (roles & responsibilities)
  • Development of guidelines and work instructions (policies) incl. Introduction
  • Development of working tools for lifecycle management (filing systems, taxonomies, classifications, retention schedules, file plans, registries)
  • Product evaluation and tenders
  • Operating concepts (with service partners)
  • Legal clarifications and compliance advice
  • Training and Awareness

Customer Enabling

This service includes the activities necessary for transformation and knowledge transfer. It should enable the customer to integrate the jointly acquired knowledge, the processes and the developed specifications into the internal organization*.

*The service description and detailed definition of the content takes place during the commissioning of the service.


Setup and operation of the services

The service setup and operation of the services are performed according to the following model:


Everything about data protection

Dealing with data risks: Data breach notification

Dealing with data risks: Data breach notification

A data breach notification or "data breach notification" refers to the process by which an organization or company is required to notify the relevant data protection authorities and, if applicable, data subjects of a data breach that is likely to result in a high risk...

read more

Dr. Philipp Dannacher, Lawyer


“Mastering personal data is a must for the data protection practitioner. The krm not only teaches the theory, but also impressively shows which state-of-the-art tools can be used to locate and delete personal data.”

Michael Rumpf

finform AG

“The event was characterized by many questions and an interesting exchange of opinions. The time flew by and there was a lively discussion at the subsequent reception. At the end of the event, a raffle was held among the participants to win an Information Governance Guide. I can only recommend the krm event and am already looking forward to the next one.”

Fabian Döbeli

Info Nova AG

“A lot of practical know-how was imparted in a compact form and the best part – not only was the presentation handed out on a USB stick, but even templates for DPAs ” (data processing agreements)


Call: +41 44 888 10 11

or by mail to