As digital information grows, so do the challenges and burdens of managing this mountain of data. Until recently, much of the industry has been focused on applying principles used to manage physical records, but they are now realizing that records management is no longer a sufficient solution. Companies are only now beginning to understand the importance of having an information governance program to manage electronically stored information across their organization as they drive new standards, controls, processes, disciplines and corporate objectives. This natural evolution to encompass a wide array of features and capabilities will continue to change the way that companies maintain their documents and ensure compliance across the organization and within their vertical industries.
RSD recently developed a monthly blog segment titled Influencer’s Corner where the team sits down with the industry’s top influencers to discuss all that is happening in the world of information governance. To kick this off, the RSD team recently spoke with the following industry influencers to discuss their thoughts on the current state of the information governance market, misconceptions, advice for companies looking to embark on information governance projects and industry predictions for 2015.
- Chris Walker, father of the Principals of Holistic Information Governance, an independent consultant and an analyst with Digital Clarity Group
- Bassam Zarkout, CTO of RSD, is a thought leader in the information governance space (conception, design, development and implementation), a frequent speaker at key industry events and a 20 year Information Governance veteran
- James Lappin, an independent records management consultant and trainer
- Robin Woolen, founder and principal consultant at The Records Guru®, IG industry veteran circa 1994
Continue reading for the influencers’ insight.
A Closer Look at Information Governance
Click through for information governance insights from industry experts, provided by RSD.
What is the definition of information governance?
From Robin Woolen: Information governance is a holistic and much broader view of how information is managed, maintained and accessed as it covers everything including emails, social media, vital records program and access to lists of employees/customers. Information governance involves how you secure information in an economical fashion across the board. There are many facets information governance includes, with records management fitting in as one of the underlying principles — as its entire life cycle is the foundation of information governance. The authoritative guide has gone a long way to help people understand exactly what information governance is and what information they need to prioritize.
From Chris Walker: My definition is really based on experience and customer engagements. I define information governance as follows: Information governance is all the rules, regulations, legislation, standards and policies with which organizations need to comply when they create, share and use information. The rules, standards and legislation are defined externally and internally. Information governance really is an extremely broad and overarching set of connected disciplines.
What are the biggest misconceptions of information governance?
From Chris Walker: All of the varying definitions from industry players have resulted in several misconceptions. For instance, look at ARMA; they are replacing records management with information governance while other vendors say that information governance is focused on e-discovery and litigation representation.
Personally, I think the single biggest misconception is that information governance is about minimizing legal damages. Information governance is far better served when it’s deployed as an offensive weapon, not defensive. The thinking must shift to, ‘how do I run my business better’ and ‘how do I better serve my constituents’ – if this is done properly, the negative and defensive piece falls into place.
Another misconception is that information governance must be applied equally across all information assets. That’s not true. Different types of information have different requirements around governing, storing and accessing them, they can’t all be treated the same.
What are some of the issues that the information governance industry is facing?
From Robin Woolen: One of the biggest issues that records managers have, and the tendency that organizations have, is to keep records managers typically relegated to the role of custodian or librarian of a company’s information, where they are located in the basement and no one sees or speaks to them. Records managers are already introverted and rarely speak to others so, in my opinion, this results in a big [cultural] disconnect in an organization and leads to losing the underlying value of the information that they are keeping. The whole value of this information has been lost from the C-suite and down. Luckily, technology is now to the point where this can be reversed. The Big Data craze is another helping factor though you can’t utilize Big Data unless your organization has control of its data in the first place. Now organizations are seeing the value in their information and keeping it organized. From here, the records management personnel must step up to organize information and dispose of unnecessary materials putting the value back into their organization’s information.
How do you define the new approach to information governance?
From James Lappin: In recent years, the IG industry has shifted and evolved a new set of practices, tools and initiatives. End users are overloaded with correspondence and documentation with information chucked at them, mostly through email, but also through other channels. Expecting individuals to coordinate with colleagues and come up with a universal filing system is not achievable. Instead, the new IG approach makes more pragmatic decisions, given information is accumulating in different ways, e.g., SharePoint, email, line-of-business communication. Companies on an individual basis are now striking a balance regarding their IG needs. Where some companies prioritize a governance process that allows them to manage litigation requests in reasonable time frame, others require a program that goes into greater depth to keep governance frameworks and apply them across different repositories (email, SharePoint, etc.).
What must companies consider when they begin to think about implementing information governance policies?
From Robin Woolen: I always stress the importance of the four Ws of information governance, which are what, where, when and who. When you get right down to it, to begin focusing on information governance you must determine what particular information is important to your organization. From there, you need to understand where all of this information is located and when you are able to dispose of it. Because there is typically a legal or regulatory reason for keeping information, various departments within the company, including legal, compliance, operations and IT must decide how long to keep each category of information. Lastly, companies must determine who manages this information and who will have access to it.
From Bassam Zarkout: In terms of enforcing information governance, the most effective way to minimize corporate risk and improve operational efficiency is to implement a “closed loop” records management program that applies legally defensible governance controls over the entire life cycle of corporate information that may be housed in various jurisdictions, business units, IT systems and physical warehouses. This requires that corporate information policies are integrated with IT systems and actively enforced across jurisdictions; it also requires that executives have ongoing visibility into the process.
If you had to give one piece of advice to companies thinking about implementing a records management strategy, what would that be?
From Robin Woolen: In my view, the records management buzzword has died so, instead, I talk about information governance which, of course, includes records management. Though, I think that information governance is a much sexier term. In order to embark on an information governance program, I first advise that organizations need to understand where they are now compared to industry standards, based on the ARMA International industry standards. From there, they must assess the entire company using the ARMA principles to create a baseline comparison using the maturity model as scorecard and then create a strategic plan focused on both the short- and long-term. I use this strategy as a guide for every customer.
How can companies utilize guerilla tactics to infuse information governance into various projects?
From Chris Walker: Right now I am involved with a client in a heavily regulated industry where I was asked to lead their SharePoint deployment. The client has decided that SharePoint is their ECM pillar. This project involves developing SharePoint sites for the client to use for their regulatory filings. In terms of guerilla tactics, we’re setting up the information architecture correctly and changing processes surrounding handling information assets. By starting out with the file plan and retention schedule, we at least built a framework that the company can leverage later on.
While we are contracted to fulfill a specific business initiative, in this case a regulatory filing, information governance can be built into the foundation of what we’re deploying and hidden from users as much as possible as they just don’t care about information governance. Just because a company doesn’t have a dedicated information governance budget doesn’t mean that good information governance practices can’t be infused into the projects that are happening.
Why is records management disappearing and being replaced by information governance?
From Bassam Zarkout: As businesses continue to evolve, the records management profession has struggled to translate the practices of the paper paradigm to the world of electronic information. The adoption of social, mobile and cloud have revealed gaps in many of the traditional records management applications, which are unable to capture content from these new sources and manage them. Simply put, records management has not been able to keep up with the velocity, volume and variety of formats for digital assets.
In this digital age, the records management industry is dealing with many new challenges that are not being addressed by the practices that records management professionals had been using for physical records. While records management solutions are still implemented within many companies, they do not provide the complete management of the record’s metadata, content tiers across storage platforms, security classification and data privacy attributes, as well as content digital rights. The transition to information governance is necessary as records management has its roots and practices based on managing physical files and papers, while information governance is centered on looking after and making decisions about an organization’s information assets, throughout their entire life cycle.