More

    How to Implement Information Governance Across the Enterprise

    Information governance has become a critical subject as businesses continue to generate an increasing amount of sensitive data that requires policy management and compliance. This presentation, outlined by Bassam Zarkout, CTO, RSD, will detail the steps that need to be taken in order to implement an information governance strategy across the enterprise.

    How to Implement Information Governance Across the Enterprise - slide 1

    Click through for steps that need to be taken in order to implement an enterprise-wide information governance strategy, as identified by Bassam Zarkout, CTO, RSD.

    How to Implement Information Governance Across the Enterprise - slide 2

    Information governance steering committee

    The first step to implementing information governance across the company is to form an information governance steering committee, which includes all the relevant stakeholders such as the CEO, CIO, chief legal counsel, risk officer, compliance officer and a variety of line-of-business executives. Each member needs to understand the potential benefits and impacts it would have on his/her organization. This ensures that everyone is involved in the process from the early stages. The committee would govern the organization’s information policies and procedures.

    How to Implement Information Governance Across the Enterprise - slide 3

    Objectives and goals

    The committee would then set the objectives and goals for the corporation’s information governance strategy, which should then get translated into a set of policies that can be enforced. They will create a written statement of what the initiative is looking to achieve, which lays out the vision and helps employees understand their relationship to information governance policies. These objectives include achieving greater overall operational efficiency, reducing IT infrastructure costs and re-allocating resources, improving compliance across the organization to reduce risks, ensuring the organization extracts and maximizes value from its information, and helping employees balance their roles and ensure accountability by assigning responsibilities.

    How to Implement Information Governance Across the Enterprise - slide 4

    Scope and vision

    Information governance must be implemented enterprise-wide from a practical standpoint, and the vision must be shared across all stakeholders and jurisdictions, as well as aligned with the corporate agenda. The committee must define the scope and timeline as well as a plan for communication and training of all participants. The scope of the information governance policy should include information retention, data protection and personally identifiable information, legal holds and e-Discovery, audit of compliance, laws and regulations in  multiple jurisdictions, use of cloud computing, mobile and on-device storage, migration of information across the storage hierarchy, and taxonomy and classification.

    How to Implement Information Governance Across the Enterprise - slide 5

    Enforcing information governance

    The most effective way to minimize corporate risk and improve operational efficiency is to implement a “closed loop” records management program that applies legally defensible governance controls over the entire lifecycle of corporate information that may be housed in various jurisdictions, business units, IT systems and physical warehouses. This requires that corporate information policies are integrated with IT systems and actively enforced across jurisdictions; it also requires that executives have ongoing visibility into the process.

    How to Implement Information Governance Across the Enterprise - slide 6

    Roll-out elements

    Information governance must be implemented enterprise-wide, but from a practical standpoint, a far-reaching implementation of this kind may be difficult to execute. The important point is to start with the end in mind: eventually, your program must encompass all business units, geographies, IT systems and jurisdictions. In addition, because governance will require constant maintenance, there needs to be a process to update policies when business conditions or regulations change.

    How to Implement Information Governance Across the Enterprise - slide 7

    Technology solutions

    Finally, identifying a technology platform that will ensure visibility into policy enforcement, across all jurisdictions, will also be important to the success of an information governance initiative.

    Latest Articles