The second basic plot of the IG story is “fear, uncertainty, and doubt (FUD).” This story focuses on the risk side of IG. This has been a relatively easy story to tell in the past few years, with many massive business failures, data breaches and high profile court cases tied to IG shortfalls.
A note of caution about this plot: don’t overuse it. Many in the IG field are guilty of over-relying on the “sky is falling” argument to make their point. I have seen too many presentations in too many dimly lit conference rooms where the IG story starts with the same few slides detailing eye-popping court judgments, executives going to jail, and so on. This story can be effective, but it loses is power if it’s overused.
Both IG plots have merit. In fact, a recent survey of the Global 1000 conducted by the Compliance, Governance and Oversight Council found that enterprises expect to “reduce legal risk and enable compliance” as well as “increase IT efficiency and ensure routine data disposal,” as a result of the IG projects they are undertaking now.
Start in the right place
“Organisations become overwhelmed when they start recognising the many risks inherent in information mismanagement. ‘Trying to address them all at once can feel like trying to boil the ocean.’” –“The Future of Enterprise Information Governance,” Economist Intelligence Unit[i]
Some time ago, I had a client with over 10,000 poorly indexed, improperly stored, and nearly undocumented backup tapes. The metaphorical weight of these tapes around the neck of the poor folks trying to implement an IG program at the company was massive. How could they even begin to think about “easy” things like policy development when they had the problem of 10,000 legacy backup tapes to deal with?
Many organizations are in this position. They have so much unmanaged information in their environment that it effectively paralyzes them. It doesn’t have to be this way. In fact, organizations should focus first on building the foundation for their program (policies, procedures, etc), implementing those foundations (tools, training, etc.) and only then cleaning up their environment.
This isn’t the only way to approach IG, but it is a useful framework for organizations that are stuck.
This approach encourages organizations to build the “new world” of their IG program, and then bring old content into that world over time. This is a conceptual model since, in the real world, these things often happen simultaneously, in a different order, and faster or more slowly than we like.
In my next few columns, I’ll be providing several ideas on how you can make the case for IG at your organization. I will focus on the value that managing information can provide, and the way in which it can reduce risk associated with information mismanagement.
Barclay T. Blair is a consultant to Fortune 500 companies, software and hardware vendors, and government institutions, and is an author, speaker, and internationally recognized authority on a broad range information governance issues. He is the founder and principal of ViaLumina Group, Ltd. His blog, http://www.barclaytblair.com, is highly regarded in the information governance community. Barclay is the award-winning author of several books, including Information Nation., and is currently writing Information Governance for Dummies. Barclay is a faculty member of CGOC.