Understanding Information Governance
Somewhere within a discussion of the merits of enterprise content management, the concept of information governance sneaks in. It’s not always well received and it’s often misunderstood. But for companies far along the maturity curve of digitizing and centralizing critical business documents and related content, information governance becomes part of the critical path to making the most effective use of information in support of helping the organization achieve its goals.
Much of companies’ reticence around information governance has to do with the amorphous definition of what exactly information governance is and more importantly, the confusion over what’s involved in making it happen.
Here’s how Wikipedia defines information governance:
“A set of multi-disciplinary structures, policies, procedures, processes, and controls implemented to manage information at an enterprise level, supporting an organization’s immediate and future regulatory, legal, risk, environmental, and operational objectives.” More than just traditional records management, Wikipedia lumps privacy attributes, electronic discovery requirements, storage optimization, and metadata management into the information governance domain.
Gartner’s definition is equally open-ended. It classifies information governance as:
“The specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival, and deletion of information.” Gartner’s vision for information governance also encompasses the processes, roles, standards, and metrics that promote effective information use so an organization can achieve its business goals.
Simplifying Information Governance
Both of the above definitions are quite a mouthful and to the many companies yet to be indoctrinated in the concepts and best practices surrounding information governance, the topic seems rather hard to digest. There are so many unknowns—for example, is information governance about business processes or is it a technology toolset? What kind of policies or rules are required to support an information governance program and who’s in charge of promoting it to the rest of the organization? Is this an IT initiative or is information governance led by other parts of the organization like legal or records management? Finally, if you can get the information governance ball rolling, how do you get it on the radar screen of C-level executives, who may be scratching their heads over what you’re talking about and as a result, skeptical about green lighting project funding?
All good questions to which there are answers, but no one-size-fits-all rule of thumb. The bottom line, according to information goverance experts and practitioners, is that an effective information governance program varies depending on the needs and goals of an organization. In addition, information governance, while certainly multi-faceted, also doesn’t need to be as complex as most companies make it.
By understanding some basic tenants and by identifying a clear business need, companies can reduce a lot of the FUD (fear, uncertainty, and doubt) around information governance. By focusing on a specific business objective, organizations can get right to the heart of why they’re pursuing information governance in the first place. Some common reasons: To ensure more timely access to critical business information, decrease information management costs, better protect sensitive data, reduce the risk of non-compliance, or facilitate more effective information sharing and decision making.
Information governance experts have identified some basic steps that will give an organization a head start in ensuring effective information governance:
Define roles and responsibilities. Information governance won’t work unless the proper parties are engaged. Companies need to formalize a program and communicate the responsibilities of each user constituency so everyone is clear on what their role is in terms of supporting the initiative.
Designate leadership. Without a high-level executive sponsor, an information governance program has no legs. It doesn’t necessarily matter if the leader hails from the business, IT, or legal, they just need to take a hands-on role making the business case for information governance. An information governance council can also be an effective leadership tool, helping to set and enforce policies created in tandem with the business.
Put policies and procedures in place. This could include everything from written policies covering how to create and change content taxonomies to retention schedules that specify how long information is kept that are automated by an ECM system.
Formalize metrics. Establish data quality and other metrics that will provide an indication of how the program is progressing. By measuring its impact and showing demonstrable value, you are more likely to foster buy-in and keep the program moving forward.
Organizations shouldn’t be overwhelmed by information governance nor let their confusion deter ECM deployments. With a little focus and some basic best practices, information governance can be digested without any organizational heartburn.
About the Author: