As a speaker at many technology events, it’s always fun to see the reaction the phrase “information governance” elicits — I’ve seen everything from eye rolls to head nods. “Easy for you to say — try and implement it!” said one particularly feisty individual. “Yeah, we are still trying to figure it out,” grumbles another. I am employed by a developer of an enterprise content management (ECM) software vendor and clients constantly express that they are overwhelmed by the wealth of their own information: “What should we keep? What should we purge? How do we manage information so that it becomes an asset rather than a liability? How can we use our information to operate more successfully? What controls do we need to put into place?”
While many approach information management from a technology nuts-and-bolts standpoint, what is not often addressed is the top-down, strategic management of information. I like to explain it this way: You’ve seen the trees, now let’s view the forest.
Step back for a second and consider the adaption of information management within an enterprise. When your organization first implemented information management, I bet it was all about “finding and filing”. You had paper files, electronic documents, etc. and you had to put them somewhere where you could easily find them. Essentially, you were setting up a central point of information control.
Then you started to consider how much valuable information that can be found in your business critical applications like your ERP, CRM, GIS and you thought about your users and the fact they had to toggle around three or four applications to get the information they needed to do their job. You then made the bold move of using your content management system as a sort of integrative middleware, so the information delivery to your users became much more dynamic.
You’ve approached information management from an enterprise technology perspective and you are rightfully proud of the way you provide services to your users. Then it happens (insert ominous music here), an e-discovery request is made, a new compliance initiative rears its ugly head, or you get notification of an audit … So now what?
It’s time for top-down. It’s time to plan an information governance strategy.
Governance roadmaps and frameworks
Every organization or enterprise has an overarching goal. To reach this goal it is necessary to coordinate activities and make a plan. In today’s economic climate, that goal may be simply to survive. In order to increase its chances for survival, an organization must be agile. In order to be agile, an organization needs its “information lifeblood” to be available, consistent and reliable.
This information is an asset to the organization because it allows better decision making. But at the same time information needs to have some controls around it. Simply put, in order to be more agile, organizations must better manage their information by putting a governance strategy into place.
Governance implementation is often thought of as a journey. Much like you won’t reach your organization’s goals in a few days you won’t solidify your governance plan in a couple of meetings. I’ve read a lot of material that suggests that one should create a road map for governance. While this is useful, I like to think of governance as a framework. A framework is an incomplete, though concrete, solution to a recurring problem. A framework has physical components upon which the user may build elements. Frameworks allow policies to be created, conflicts to be resolved and are flexible enough to foster the provision of services to business units. Simply put, information frameworks allow us to put structure around how we align control and agility.
The information governance framework has four parts: people, policies, technology and risk management. People and policies are the organizational enablers, supported by the discipline of risk management, which is shored up by technology. This allows resources and risk to be managed while fostering the creation of information value. Much like blood pumping thru the body, this information gives the business units power and agility. Ultimately, the goal of the governance framework is two-fold: compliance and value creation. A controlled yet flexible governance framework fosters agility in business processes and service delivery.
The Fab Four
The four areas of governance are important enough to discuss in more detail. Every successful information management endeavor that we’ve seen has been organized in this manner. Implementing a governance structure allows your organization to be proactive rather than reactive.
People – It’s so important to start with the human element. The success of any organizational endeavor is directly linked to the engagement of the members of the organization. If the needs of management and staff aren’t considered, you might as well shut off the lights and go home. Information management is truly a collaborative process. Make sure you have executive sponsorship, but don’t forget to engage your consumer in the strategy.
Be reflective of the needs of your clients rather than definitive. Use IT as the enabler, but it’s not always necessary that they take the lead. The most successful strategic implementations form a stakeholder committee that includes department heads, consumers, legal, technologists and records managers. But, before you put together a large group, let me caution you: Although all organizations want governance decisions to represent the interests of all stakeholders, the best committees assign clear responsibilities for each decision to individuals who can accept accountability for outcomes.
A good governance structure allows staff to work in the most efficient and effective way possible by giving them access to information assets. And don’t forget about usability. If implementations of information management controls are cumbersome, they will fail. It’s amazing how easily staff will get around your controls or refuse to use your system if it isn’t useful. The reason most information governance efforts falter is they didn’t take the business units methods of working in mind.
Policy – There’s no one-size-fits-all suggestion I can make in terms of governance policies, but I have a few suggestions. Instead of focusing on limits, focus on outcomes. When you approach policy-making in this manner, your business units are much more likely to cooperate as they will see value.
Rather than have staff members wait in line at a records counter for information, consider implementing a controlled system that allows instant, individualized information access. This way it’s less about lock-down and more about empowerment.
Approach your information like an asset, from a portfolio perspective. You don’t look at your bank account in terms of individual one dollar bills; don’t view your information that way.
Finally, consider standardization. Metadata or data about data is your information DNA. Consistency here will pay dividends and make compliance and auditing less painful. Standardization is an enabler of agility. By standardizing foundational components, you become more agile.