Implementation
What must companies consider when they begin to think about implementing information governance policies?
From Robin Woolen: I always stress the importance of the four Ws of information governance, which are what, where, when and who. When you get right down to it, to begin focusing on information governance you must determine what particular information is important to your organization. From there, you need to understand where all of this information is located and when you are able to dispose of it. Because there is typically a legal or regulatory reason for keeping information, various departments within the company, including legal, compliance, operations and IT must decide how long to keep each category of information. Lastly, companies must determine who manages this information and who will have access to it.
From Bassam Zarkout: In terms of enforcing information governance, the most effective way to minimize corporate risk and improve operational efficiency is to implement a “closed loop” records management program that applies legally defensible governance controls over the entire life cycle of corporate information that may be housed in various jurisdictions, business units, IT systems and physical warehouses. This requires that corporate information policies are integrated with IT systems and actively enforced across jurisdictions; it also requires that executives have ongoing visibility into the process.