In this multi-dimensional world of business information, where information is created, captured, accessed, shared and managed globally, there is potential for chaos. By chaos, I mean lost or missing information, information that is inaccessible, information that is not findable—well, you get the picture. There are numerous ways information chaos can make its presence felt. It is in these times when people will complain, seek other means of working with information and begin to chant, “We have to do a better job of controlling this!” What they are saying is, “Let there be governance.”
Information governance (IG) is made up of a combination of people, policy, process and technology. Corporate policies for managing records and protecting information may be included as part of an overall information management strategy or they may stand alone within an information governance policy.
AIIM research, from its Industry Watch Report titled “Information Governance – records, risks and retention in the litigation age,” shows that many organizations are working to achieve a uniform policy across the enterprise; yet, progress varies. Fifteen percent of respondents indicate they have some level of a governance policy in place, and 33% have indicated they are working on a corporate-wide view of governance.
Information governance (IG) is made up of a combination of people, policy, process and technology. Corporate policies for managing records and protecting information may be included as part of an overall information management strategy or they may stand alone within an information governance policy.
AIIM research, from its Industry Watch Report titled “Information Governance – records, risks and retention in the litigation age,” shows that many organizations are working to achieve a uniform policy across the enterprise; yet, progress varies. Fifteen percent of respondents indicate they have some level of a governance policy in place, and 33% have indicated they are working on a corporate-wide view of governance.
Consider this
Progress is being made on the formulation of IG policies that can be applied across the enterprise with a key driver of preventing escalating legal and compliance costs. Non-alignment of policies for records as a whole is an issue, and even where an IG policy exists, non-enforcement is a problem. This is particularly true when it comes to dealing with records that are beyond their retention period.
There is considerable interest in automated classification mechanisms for use both at the time of record declaration and as a way to improve the metadata of existing content. This approach not only improves searchability and findability but also helps to exploit retention periods as a way to decrease storage volumes.
Progress is being made on the formulation of IG policies that can be applied across the enterprise with a key driver of preventing escalating legal and compliance costs. Non-alignment of policies for records as a whole is an issue, and even where an IG policy exists, non-enforcement is a problem. This is particularly true when it comes to dealing with records that are beyond their retention period.
There is considerable interest in automated classification mechanisms for use both at the time of record declaration and as a way to improve the metadata of existing content. This approach not only improves searchability and findability but also helps to exploit retention periods as a way to decrease storage volumes.
Email management is still a major concern and is one of the key areas for the application of automated classification and retention management when addressing governance over multi-channel input mechanisms.
What to think about
Look to your existing policies and seek to align them with your operational requirements. Develop an up-to-date IG policy that is supported across the enterprise, and if you do not have one, kick off a project to create one. IG is the responsibility of all employees, not just something for the records management or compliance departments. Set up an IG committee with representation from all areas of the business. If you are not sure where to begin, seek professional assistance and expertise.
In my view
The need for IG is a reality that has not been appreciated nor its importance realized for years. IG is one of those areas viewed as someone else’s responsibility, like records managers, when in reality, it is the responsibility of all employees to protect and properly manage corporate knowledge assets.
While it is good to see a focus on IG and hear that many organizations are moving in a direction where IG becomes part of the overall information management environment, it is the combination of people, policy, process and technology that will get them there. A policy needs to be developed, processes designed to support the policy, people trained on both policy and adherence and technology implemented to minimize the potential of risk.
Good governance is good business. Getting the organization focused and mobilized on establishing and maintaining sound governance practices is important. Efficiency, productivity, security and risk management all fall under the realm of IG. Frustration, risk, inefficiency and productivity loss can result from poor IG.
Answer the call of the people. Let there be governance!
Bob Larrivee is vice president of market intelligence at at AIIM and an internationally recognized subject matter expert and thought leader with over 30 years of experience in the fields of information and process management. He is an avid techie with a focus on process improvement and the application of advanced technologies to enhance and automate business operations. Follow him on Twitter @BobLarrivee.