This chapter provides details about choices that must be made before setting up a retention system.
It also provides a broad overview of the tasks needed to set up a retention system. Use the information in this chapter as a reference to those tasks that need to be done. For detailed conceptual and reference information pertaining to these tasks, see the other chapters in this guide.
If you are unclear about any of the tasks in this chapter, consult the detailed task information in the later chapters in this guide.
Important:
You must configure all defaults, including any necessary categories, dispositions, and triggers, before checking in content that will use those defaults.This chapter covers the following topics:
Section 3.10, "Configuring Content Triggers, Dispositions, and Freezes"
Permissions:
Specific permissions are required to perform the tasks described here. For details about the required permissions, see the tasks outlined in later chapters of this manual. In general, users with the Record Administrator role should be able to perform the majority of these tasks. For details about rights and roles, see Chapter 5, "Security Overview".Before setting up the system, review Chapter 2, "Understanding Retention Management." It provides an essential overview to the concepts and vocabulary used in a retention management system.
Depending on the cache settings for your browser, you may need to either restart your browser or clear the cache settings in order to view changes that are made to the configuration. For example, if you enable Offsite Storage functionality, you may need to clear the cache settings and restart your browser for the appropriate options to appear on the Physical menu. The same is true if you disable functionality in order to remove the options.
When using Records with a Safari browser, menus can appear behind the icons for the Admin Applets. Therefore, if you select Administration then Admin Applets then select Records or Physical, the options on the Records or Physical menu appear behind the icons for the Admin Applets. This is a known problem and Oracle is working to solve this issue.
When using the IBM WebSphere Application Server (WAS) in a browser using tabs, the login/logout process performs differently than in browsers not using tabs. Authentication is not set at the "tab level" but rather at the "browser level." For example, consider this scenario:
Oracle WebCenter Content and Oracle WebCenter Content: Records are installed in the same cell on WAS.
A user logs in to Oracle WebCenter Content then opens a new tab and enters the Records system URL in the browser.
That user is automatically logged in to the Records system with the same permissions as when that user logged in to Oracle WebCenter Content. There is no need to re-authenticate.
If the user logs out of the Oracle WebCenter Content system, the user is also automatically logged out of the browser tab session for the Records system. This is reflected on the next action or when the tab is refreshed.
This section describes how to configure your Fusion Middleware product to handle authentication and authorization, and other aspects of application security.
Oracle WebCenter Content uses the Oracle WebLogic Server user store to manage user names and passwords, so most user management tasks must be performed with the Oracle WebLogic Server user management tools instead of Oracle WebCenter Content's User Admin applet. User logins must be created on Oracle WebLogic Server and the default Oracle WebLogic Server users should not be used for the Records system.
Oracle WebCenter Content and workflow services use Java Platform Security (JPS) and the User and Role API. Oracle Internet Directory stores user and group information. When Oracle WebCenter Content uses Oracle Internet Directory, the Oracle Internet Directory Authentication provider must be the first provider listed in the security realm configuration.
If the Oracle Internet Directory Authentication provider is not listed first (for example, it is listed below the Oracle WebLogic Server provider, DefaultAuthenticator), then login authentication fails. You can use the Oracle WebLogic Server Administration Console to change the order in which the configured Authentication providers are called.
When you use Oracle Internet Directory, all administrator and other users must be defined in Oracle Internet Directory.
Oracle WebCenter Content assigns an administrator role to users defined in the internal Oracle WebLogic Server user store. This is true regardless of whether Oracle Internet Directory is used or not used. However, if you use Oracle Internet Directory and if the OID Authentication provider is not listed first then any request by Oracle WebCenter Content to retrieve the roles of the Oracle WebLogic Server defined administrative users will fail.
See "Managing Security and User Access" in the Oracle WebCenter Content System Administrator's Guide for Content Server for more details about security and user accounts. See Oracle Fusion Middleware Securing Oracle WebLogic Server and Oracle Fusion Middleware Application Security Guide for details about LDAP providers.
For Windows Native Authentication through Kerberos to work, you must redeploy Oracle WebCenter Content: Records.
First create then save an .xml file for the Oracle WebCenter Content: Records domain type that includes the following information. Save the file as urm.xml:
<?xml version='1.0' encoding='UTF-8'?>
<deployment-plan
xmlns="http://xmlns.oracle.com/weblogic/deployment-plan"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.oracle.com/weblogic/deployment-plan
http://xmlns.oracle.com/weblogic/deployment-plan/1.0/deployment-plan.xsd"
global-variables="false">
<application-name>urm.ear</application-name>
<variable-definition>
<variable>
<name>url-pattern</name>
<value>/*</value>
</variable>
<variable>
<name>http-only</name>
<value>false</value>
</variable>
</variable-definition>
<module-override>
<module-name>urm.war</module-name>
<module-type>war</module-type>
<module-descriptor external="false">
<root-element>web-app</root-element>
<uri>WEB-INF/web.xml</uri>
<variable-assignment>
<name>url-pattern</name>
<xpath>/web-app/security-constraint/[display-name="UCMConstraint"]/web-resource-collection/[web-resource-name="idcauth"]/url-pattern</xpath>
<operation>replace</operation>
</variable-assignment>
</module-descriptor>
<module-descriptor external="false">
<root-element>weblogic-web-app</root-element>
<uri>WEB-INF/weblogic.xml</uri>
<variable-assignment>
<name>http-only</name>
<xpath>/weblogic-web-app/session-descriptor/cookie-http-only</xpath>
</variable-assignment>
</module-descriptor>
</module-override>
</deployment-plan>
As administrator, log in to the Oracle WebLogic Server Administration Console.
Click Deployments in the Domain Structure navigation tree.
Click the Control tab then Next until you see the Records Management deployment.
Select the checkbox to the left of that deployment.
Click Update.
Under the Deployment Plan Path, select Change Path.
Navigate to and select the urm.xml file just created.
Verify that Redeploy this application using the following deployment files is selected.
Click Next.
Click Finish.
In almost all cases, you want to reassociate the identity store with an external LDAP server rather than use the default embedded LDAP:
You can configure Oracle Fusion Middleware to secure communications between Oracle Fusion Middleware components using SSL, which is an industry standard for securing communications. Oracle Fusion Middleware supports SSL version 3, as well as TLS version 1:
| For Information On... | See The Following Guide... |
|---|---|
|
Configuring SSL with Oracle Fusion Middleware: Web Tier, Middle Tier, and Data Tier |
|
|
Configuring SSL with Oracle WebLogic Server |
Oracle Fusion Middleware Security Oracle WebLogic Server Guide: Chapter 12, Configuring SSL |
Oracle Access Manager (OAM), part of Oracle's enterprise class suite of products for identity management and security, provides a wide range of identity administration and security functions, including several single sign-on options for Fusion Middleware and custom Fusion Middleware applications. OAM is the recommended single sign-on solution for Oracle Fusion Middleware 11g installations.
If your enterprise uses Microsoft desktop logins that authenticate with a Microsoft domain controller with user accounts in Active Directory, then configuring SSO with Microsoft Clients may also be an option to consider.
The setup required for these SSO solutions is described in the following documents/sections:
Table 3-3 Single Sign-on Documentation
| For Information On... | See The Following Guide... |
|---|---|
|
Configuring OAM |
|
|
Using Windows Native Authentication for Single Sign-on |
Oracle WebLogic Server Admin Console Help: Configure Authentication and Identify Assertion Providers |
WebLogic Web Services are implemented according to the Web Services for Java EE 1.2 specification, which defines the standard Java EE runtime architecture for implementing Web Services in Java. The specification also describes a standard Java EE Web Service packaging format, deployment model, and runtime services, all of which are implemented by WebLogic Web Services.
Software configuration should be done before configuring any other aspects of the software. By choosing specific options, specific components are enabled and ready for use. To view details about the components that are installed and the disposition actions enabled with each option, click the i button next to the option.
The following options are available for installation:
Folders Retention: Enables functionality to apply retention rules for deletions of items stored together in a retention query folder. This functionality is described in detail in the Oracle WebCenter Content Application Administrator's Guide for Content Server. See Chapter 10, "Setting Up a Retention Schedule" for a summary of this feature.
Minimal: Enables the minimal amount of functionality and excludes some disposition actions and most of the product features. This is the default when the software is enabled.
Typical: Enables all disposition actions and all features except for DoD Configuration, Classified Topics, FOIA/PA tracking (Freedom of Information Act/Privacy Act), and E-mail.
DoD Baseline: Enables the features from a Typical installation with the addition of DoD Configuration and E-mail.
DoD Classified: Enables all features except for FOIA/PA.
Custom: Enables the ability to choose a variety of features. Note that some disposition actions are dependent on other actions. If an action is selected, dependent actions are also automatically selected.
The only way to enable FOIA/PA tracking is by using the Custom configuration option. Note that if the FOIA/PA functionality is installed, fast index rebuilds may not be possible. Deselect the Fast Index Rebuild option when using FOIA/PA. If you install FOIA/PA after the system has been in use, you should rebuild the index.
Use this procedure to set the software configuration:
Permissions:
The Admin.RecordManager right is required to perform this action. This right is assigned by default to the Records Administrator role.Choose Records then Configure then Enabled Features from the Top menu.
The Enabled Features Page opens.
Select the type of configuration to perform. After selection, the feature and disposition options at the bottom of the page appear with the checkbox selected, indicating which choice is included. If Custom is selected, you can choose which features and dispositions to be enabled.
Click Submit.
Important:
You must configure all defaults, including any necessary categories, dispositions, and triggers, before checking in content that will use those defaults.Note that if DoD functionality is enabled by using either DoD option (or a customized option that enables DoD features), then some features will automatically be enabled as well. For example, when creating custom search templates, the Security Classification status of a content item will always be displayed whether or not the classification was chosen for inclusion in the template. It is a requirement of the DoD specification that the classification level always be displayed in a search result.
After making selections or changing options (for example, switching from Baseline to Classified), restart Content Server. Depending on the search options in use, the index may also need to be rebuilt. See the Oracle WebCenter Content System Administrator's Guide for Content Server for details about restarting the system and rebuilding the index from the Repository Manager.
If a component is disabled, the data used with that component is not deleted. If the component is enabled again, the old data can still be used.
After choosing the features to use, certain options must be configured in order for the system to work properly. If not done, a warning messages appears indicating that the setup is incomplete.
To complete the configuration, click the link in the warning message. The Setup Checklist Page opens. This page shows a series of links to other pages where configuration selections can be made. When done configuring, select the checkbox next to an option to indicate the completed task. Depending on the action, it may be necessary to refresh the frame in order to view the completed tasks.
You can also access the Setup Checklist Page by choosing Records then Configure then Setup Checklist from the Top menu.
You must configure all defaults, including any necessary categories, dispositions, and triggers, before checking in content that will use those defaults.
Important:
If File Store Provider is needed to check in templates, set up the File Store Provider first and then check in the templates. To install a file store provider, click Install Default Templates (Category Defaults, Reports, Dashboards, etc.) on the Setup Checklist Page. See the Oracle WebCenter Content System Administrator's Guide for Content Server for details about using File Store Provider.If the configuration of the system changes (for example, switch from DoD Baseline to Typical) reconfigure the options needed for the level of functionality that is enabled.
The required options include:
Set configuration variables: Several optional variables can be changed.
Define default metadata: Some content items are automatically checked in to the repository such as audit entries and screening reports. In order for them to check in properly, choose default metadata for the content. For example, if a DoD installation level is chosen then the default metadata must include the Category or Folders metadata field.
Configure the installation: Before using the system, complete the installation steps outlined in Section 3.3, "Software Configuration."
Configure the security settings: Determine the appropriate roles, rights, and user permissions to perform certain tasks. For details, see Chapter 5, "Security Overview."
The other configuration options on this page can be performed in any order. These options are discussed in the remainder of this chapter.
When finished setting configuration options, click Submit. To clear the options selected, click Reset.
The following list provides an overview of the steps needed to set up the retention software. The steps should be followed in the order given. For example, you must define triggers and periods before disposition rules, because when you define a category and its disposition rule, you include references to triggers and periods.
This checklist spans multiple sections of this guide. With the table of contents and index, this checklist also serves as a documentation road map for finding the information needed.
Tip:
To record your actions while setting up and configuring the system, you may want to configure the audit trail first. See the Oracle WebCenter Content Administrator's Guide for Records for details. All user actions are set to be recorded by default.Setup tasks include the following topics. Some of these tasks may be optional depending on your organization. The information is provided so you can determine if the step may be useful or not.
Determine additional security settings. For overview information, see Section 3.6.2, "Classification Security Settings" and for details, see Chapter 6, "Additional Security Settings."
Configure system settings. For an overview, see Section 3.7, "System-Wide Configuration" and the following sections for details:
For financial and accounting information, see Section 7.1.1, "Setting the Fiscal Calendar."
To define the time associated with retention or disposition of retained content, see Section 12.2, "Managing Time Periods."
To set up any custom fields required, see Section 13.1, "Managing Custom Metadata."
Set up the retention schedule. For an overview, see Section 3.9, "Setting Up a Retention Schedule" and the following sections for details about configuring the organization of content. This includes:
Managing the view of different retention schedule hierarchies. For details, see Section 10.2.1, "Managing a Series."
Defining security settings and disposition instructions for that category. For details, see Section 10.3.1, "Managing Retention Categories."
Defining folders used in the retention schedule. For details, see Section 10.4.2, "Managing Record Folders."
Determine how content will be handled. For overview information, see Section 3.10, "Configuring Content Triggers, Dispositions, and Freezes" and the following chapters for details:
Using triggers to initiate events affecting content. For details, see Section 11.2, "Managing Triggers."
Defining the sequence of actions to be performed on items during their life cycle. For details, see Chapter 14, "Defining Disposition Instructions."
Inhibiting disposition processing. For details, see Section 15.1, "Managing Freezes."
Establish relationships between content. See the Oracle WebCenter Content User's Guide for Records for details about establishing links between content items.
Additional tasks discussed in the Oracle WebCenter Content Administrator's Guide for Records include importing and exporting archives and configuring the audit trail, which tracks activities. In addition, workflows can be created to track requests made under the Freedom of Information Act (FOIA) and Privacy Act (PA) if that software is enabled. See the Oracle WebCenter Content Administrator's Guide for Records for details.
After configuring the software, users with the appropriate rights can file, search, and link content and generate retention schedule reports. For more information, see the Oracle WebCenter Content User's Guide for Records.
The core processing performed by records administrators during the use and maintenance phases of the content life cycle, such as screening and cycling content, is discussed in the Oracle WebCenter Content Administrator's Guide for Records.
Multiple layers of security are available to control access to content. System security combined with security permissions and privileges for users allow you to customize the security easily. The intersection of all security mechanisms in place are used to determine user privileges with the strictest setting prevailing. See Chapter 5, "Security Overview" for complete details.
This section discusses the following topics:
Overall security settings are configured on the Configure Retention Settings Page. The default values on that page are based on the installation level that was chosen. Security preferences set on that page are in addition to those provided with Oracle WebCenter Content. PCM security is set using the Records system security measures.
Important:
After your production environment is underway, we recommend you do not change the security settings for ACLs or the default Oracle WebCenter Content security. Doing so can cause unforeseen consequences.To configure what security settings are enabled, choose Records then Configure then Settings from the Top menu. The Configure Retention Settings Page opens.
To use Access Control List Security, select ACL-based security.
To activate the default security, select Default Content Server security on Categories, Folders, and Triggers.
(Required for DOD 5015.2 compliance): To use supplemental markings, select Supplemental Marking. For more information, see Section 6.4.1, "Supplemental Markings Details." To make users match all supplemental markings, select User must match all Supplemental Markings. To allow a user to match only one supplemental marking, deselect the checkbox.
To create custom security fields, select Custom Security Fields.
To use classified security, select Classified Security. For more information, see Section 6.1.1, "About Records Classification."
When done, click Submit Update.
Supplemental markings, classifications, and classification guides provide further security and are used to organize documents that are considered classified, for either government or corporate purposes.
See Chapter 6, "Additional Security Settings" for complete details about additional security settings. This section covers the following topics:
To disable use of supplemental markings as a security feature, deselect the Supplemental Markings box on the Configure Retention Settings Page and do not assign the markings to users.
When supplemental markings are assigned to users, even if a user has access to a specific record folder, the supplemental marking further restricts access to record folders and content. In circumstances where a record folder or item has multiple supplemental markings, it can be required that a user match all assigned supplemental markings to access the item. When Match All is disabled, if a user matches just one of the multiple supplemental markings, the user can access the object.
Two special supplemental markings, Restricted and Formerly Restricted, can be used to disable the following classification-related metadata fields on the content check-in and metadata update pages:
Declassify on event
Declassify on date
Downgrade instructions
Downgrade on event
Downgrade on date
You can enable and disable supplemental markings at any time. To enable markings, select Supplemental Markings on the Configure Retention Settings Page. See Chapter 6, "Additional Security Settings" for details.
Security classification can be an additional way to restrict access to content by using supplemental markings and custom security fields.
Several classification features are available to handle and process classified content in accordance with the Chapter 4 requirements of the DoD 5015.2 specification. Several built-in classifications (Top Secret, Secret, and Confidential) are available, but custom classifications can also be created. For details, see Section 6.1.2.2, "Creating or Editing a Custom Security Classification."
Content is either classified, unclassified, or declassified. Classified content has an initial classification and a current classification. Unclassified content is not and has never been classified. Declassified content was formerly classified.
The standard security categories (classification scheme), from highest to lowest, are Top Secret, Secret, Confidential, and No markings (that is, unclassified).
Like supplemental markings, classified security can be enabled or disabled at any time. After enabling, custom security classifications can be created. If any additional security classifications are created, indicate the classification place within the marking hierarchy. For further information, see Section 6.1.2.3, "Setting the Order of Security Classifications."
To enable security, select Classified Security on the Configure Retention Settings Page. Click Submit.
Caution:
Disabling classified security puts sensitive classified information at risk of being accessed by unauthorized people. After your classified security is in force, it is recommended that you do not disable it.Classification guides (and their associated topics) enable convenient implementation of multiple classification schemes. They are used to define default values for classification-related metadata fields on the content check-in page such as:
Initial Classification: (xInitial Classification)
Reason(s) for classification: (xClassificationReason)
Declassify exemption category: (xDeclassifyExemptionCategory)
Declassify on event: (xDeclassifyOnEventDescription)
Declassify on date: (xDeclassifyOnDate)
Using classification guides makes checking in classified content easier and more consistent, with similar content having the same classification metadata. Classification guides can be further refined by adding topics within a guide. For complete details, see Section 6.3.2.4, "Creating or Editing a Classification Topic."
The following security elements are used to define user roles and permissions:
Predefined user roles, discussed in detail in Section 5.2, "Roles." Each of these predefined roles comes with a default set of permissions and rights, but these can be modified to suit specific needs. These include the following roles:
rma, generally assigned to basic users. It allows them to perform basic management tasks. In this documentation, Records User is a term used to designate the person given this role.
rmalocalrecordsofficer, generally assigned to users who need access to additional functionality (for example, creating triggers or folders, and modifying content attributes). In this documentation, Records Officer is a term used to designate a person given this role. In previous versions of this product, this was the Records Privileged role.
rmaadmin, generally assigned to administrators who set up and maintain the infrastructure and environment. In this documentation, Records Administrator is a term used to designate the person given this role.
pcmrequestor, generally assigned to users who have all the permissions assigned to basic users without a PCM role but are also granted additional rights to perform some functions not allowed for basic users (for example, making reservations for physical items). Users with the pcmrequestor role have read and write permissions (RW) for the special RecordsGroup security group. In this documentation, PCM Requestor is a term used to designate a person given this role.
pcmadmin, generally assigned to administrators who are responsible for setting up and maintaining the physical content management infrastructure and environment. These users have the widest range of rights to perform physical content management tasks (for example, setting up the storage space, editing and deleting reservations, and printing user labels). Users with the PCM Administrator role have read, write, delete, and admin permissions (RWDA) for the special RecordsGroup security group. In this documentation, PCM Administrator is a term used to designate a person given this role.
Rights control access to functions assigned to user roles. The predefined roles have a default set of rights assigned to them, but the rights can be modified to restrict or expand their access to functions. For details, see Section 5.11, "Assigning Rights to User Roles."
Security groups define security on a group of content. This software comes with a predefined security group called RecordsGroup. Users with the predefined Records User or Records Officer roles have read and write permission (RW) to the RecordsGroup security group. Users with the Records Administrator role have read, write, delete, and admin permission (RWDA) to this security group. For details, see Section 5.6, "Security Groups."
Access control lists (ACLs) manage the security model on dispositions (ACLs are an optional feature available during configuration).ACLs can be assigned to folders, triggers, and retention categories. ACLs are used to control user and group access permissions for triggers, categories, and folders. The ACL can be assigned for each category, folder, and trigger that is created. For details, see Section 5.8, "Access Control Lists (ACLs)."
Rights define what actions users can perform on content items. To assign rights to user roles, choose Admin Applets from the Administration menu.
Click the User Admin icon and choose Security then Permissions by Role from the menu. Click the role to review or modify. Click Edit RMA Rights then set the appropriate rights by selecting checkboxes on the various tabs. Click OK when done.
For details, see Section 5.11, "Assigning Rights to User Roles."
This section describes configuration procedures used by administrators to set up the software. Certain configuration procedures described here and in other chapters may also apply to other users if they have been given the appropriate rights. The required rights for each procedure are described in Chapter 7, "Configuration Options," where these procedures are discussed in detail.
The following list highlights several tasks accomplished by using options on the Configure Retention Settings Page. To access that page, choose Records then Configure then Settings from the Top menu. For complete details about all the options, see Section 7.1, "Retention Options."
Set the fiscal calendar used by the organization for financial and accounting purposes. Specify the start date of the fiscal year once, unless the fiscal start date changes or the start date varies from year to year.
Configure e-mail notifications sent to users that indicate that items require a review or that a pending disposition event requires attention.
Enable or disable user-friendly captioning. If disabled, standard DoD 5015 disposition are used on the Disposition Information page and Disposition Rule screen. The DoD screening query language is used in the Criteria boxes of the screening pages.
Note:
User-friendly captions are used on most of the screen depictions in this guide.Enable supplemental marking security on content, record folders, and users. For more information, see Section 6.4, "Supplemental Markings."
Enable the classified security feature as required for agencies conforming to the Chapter 4 Classified Records section of DoD 5015.2 specification. This feature can also be used by corporations and other entities who use a classification scheme to designate specific items as important, secret, and so on. When enabled, the Security Classification Fields show on the Configure Retention Settings Page. Deselect this checkbox if it is not required.
Several aspects of PCM should be set up in order to use the system. These include:
Set up the required PCM user roles and rights as discussed in Section 3.6, "Security Overview."
Configure the PCM environment including chargebacks, customers, and object types. See Chapter 8, "Configuring Physical Content Management".
Define the storage space environment. See Chapter 9, "Setting Up PCM Storage Space".
Define disposition rules for physical content, if required. See Chapter 15, "Setting Up Freezes".
See the Oracle WebCenter Content Administrator's Guide for Records for details about setting up barcodes and labels for processing reservations and invoices.
A retention schedule is an organized hierarchy of series, categories, and record folders used to cluster content into similar groups, each with its own retention and disposition characteristics.
This section discusses the tasks involved in setting up a retention schedule. It covers the following topics:
Plan to set up separate retention schedules for those items that require different dispositions. It is simpler to track items when they are sorted into appropriate categories and the category following a disposition.
Content is filed directly into a retention category, and can optionally be filed into a record folder under a retention category. The retention schedule is the top-most series node. The top node is created automatically by the system. The remaining retention schedule objects (series, folder, or category) are created by the Records Administrator.
A series is an optional construct created by the Records Administrator. It does not contain content, but rather is a method of grouping like categories.
A retention category is required, and it contains disposition instructions for processing content. A record folder is optional, and it also organizes content according to common features.
For complete details about planning and implementing a retention schedule, see Chapter 10, "Setting Up a Retention Schedule."
If an organization has many retention categories, setting up some series can assist with managing the view of the retention schedule hierarchies. Series can be nested within each other. Series are also useful for creating work-in-progress retention schedules because series can be hidden from users, which prevents users from filing any items into the hidden series. For details, see Section 10.2.1.1, "Creating or Editing a Series."
A retention category is a retention schedule object with defined security settings and disposition instructions. Retention categories cannot be nested within other retention categories. If ACLs (Access Control List) are on the retention category, the user must also be in the ACL to view or access the retention category.
For details, see Section 10.3.1.1, "Creating or Editing a Retention Category." For detailed instructions about disposition rules and disposition examples, see Chapter 14, "Defining Disposition Instructions."
Retention categories can be created at the root level.
Retained items have different metadata than regular content in the repository and are also associated with a disposition life cycle. A record folder organizes similar items within a retention category.
Multiple record folders can be stored in a category or can be nested within other folders. Record folders inherit disposition rules and security settings from their parent folder or category but can also have their own rules or settings. Supplemental markings can be set on a record folder and on users to further secure the record folder. Access Control Lists (ACLs) can also be applied to a folder.
Record folders also inherit review information from their parent category. The review information that takes precedence is at the lowest node (the shortest review period prevails), as in the case of nested record folders.
Record folder objects are unique because the folders for temporary retained items are destroyed with the items. The record folders also have a life cycle paralleling that of their content. Record folders must be re-created on a regular basis, a practice that is not typically true of series or categories in the retention schedule.
For complete details about tasks involved in managing record folders, see Section 10.4.2, "Managing Record Folders." Also see the Oracle WebCenter Content Administrator's Guide for Records for other record folder task information.
Record folders cannot be created at the root level.
Other retention elements can be configured to help manage content. Triggers are used to initiate the disposition of content in a specified way and at specified periods of time. Freezes can be applied to content as needed. Content can be kept frozen for specified amounts of time.
This section provides an overview of triggers, dispositions and freezes. For complete details, see Chapter 11, "Setting up Triggers,", Chapter 15, "Setting Up Freezes," and Chapter 14, "Defining Disposition Instructions."
This section covers the following topics:
Two types of triggers can initiate disposition processing:
System derived triggers are built-in triggers based on defined events such as a preceding action, retention period cutoff, or a change in content states.
Custom triggers can be created by Records Administrators to define specific events. Three types of custom triggers can be defined:
Global triggers, which occur at a defined time
Custom direct triggers, which use metadata fields as triggering events
Custom indirect triggers, which occur on a regular schedule
Custom triggers appear in the Triggering Events list of the Disposition Rules screen. For details about the different trigger types, see Section 11.2.1, "Creating or Editing a Trigger" and Chapter 14, "Defining Disposition Instructions."
Dispositions are predefined actions taken on content, usually for items no longer needed for current business. For details, see Chapter 14, "Defining Disposition Instructions."
A disposition is defined using instructions. An instruction usually follows this sequence:
When a triggering event occurs, wait a specified rentention period, then perform a specified disposition action.
Instructions are created within retention categories. Child folders and content items inherit dispositions from their parent retention category, but a disposition rule can be applied to a specific record folder only. Use the built-in disposition actions or create custom dispositions.
The following types of dispositions are available:
An event disposition is used if items are eligible for disposition when an event takes place. The event itself acts as a cutoff or closing occurrence.
A time disposition has a fixed retention period and begins with a user-defined file cutoff. The retention period must transpire before the disposition instruction takes action on the content.
A time-event disposition is a disposition instruction that begins with a specified triggering event. After the event has transpired, then the record folder or content item is cut off and the retention period is applied.
A disposition instruction is activated when a triggering event occurs. Events can be split into general categories:
Those based on a preceding action
Those based on a content state
Those based on an indirect trigger
Those based on a custom trigger
Each category has several different events. For example, content states include the Activated triggering event, the Delete Approved triggering event, Superseded triggering event, No Longer Latest Revision triggering event, and so on.
For a complete list of triggering actions, see Section 14.3, "Triggering Events."
The retention period is the interval of time after the triggering event before a disposition action is performed. Built-in period units are available or custom periods can be created. For details, see Section 12.2.1, "Creating or Editing a Custom Time Period."
A disposition action defines what happens after Triggering Events occur and Retention Periods, if any, have passed. Several built-in disposition actions are available or custom dispositions can be created.
Important:
The software does not perform the disposition action itself; rather, it sends an e-mail notification to the person responsible for carrying out the action.Actions can be separated into several categories:
General Actions: These include archive, cutoff, delete old revisions, no action, and so on.
Content Actions: These include Delete Previous Revision, Delete Revision, and so on.
Record Actions: These include Accession, Destroy, Expire, and so on.
Classified Actions: These include declassify, upgrade, or downgrade classification.
After configuring the types of dispositions, rules are created that are used by the dispositions when evaluating content. Rules apply to all content and record folders in a category by default. A disposition rule that applies only to a specific record folder can also be created. For details about different types of rules, see Section 14.9, "Disposition Examples."
Freezing content or a record folder inhibits disposition processing. In addition, metadata for the folder or item is also frozen.
You can predefine freeze types to better control the freeze/hold process. For details, see Chapter 15, "Setting Up Freezes."