The Information Governance Initiative Annual Report 2015-2016 gives clear insight into the trend that organizations are increasingly getting a grasp of the impact of information governance (IG). In-fact, it predicts that most of the organizations implementing information governance will increase their IG spend by more than 30 percent in 2016-17. Moreover, the understanding of Information Governance is clearly increasing with practitioners having a more common definition compared to what they would have earlier. The question about information governance now is not “What is IG?” but more so “How we do IG?”
Challenges of Information Governance
- There is nothing quick about quick wins: The implementation period for an Information Governance project is typically between six to twelve months. The main reason for long implementation timelines is mostly because of lack of agreement within any given organization on the software that needs to be implemented for IG.
- Lack of education on Information Governance: Moreover, a fundamental aspect of any IG project is substantial education of the implementation team, such as individual functional experts within the business, about what data is important, what is not, which data serves what purpose, and so forth.
It is no doubt that a good Information Governance program can solve many tangible business problems that are expensive in nature, such as data security, storage, privacy, backups, knowledge transfer and the list goes on. So what does this all mean for your organization? Your organization’s data is growing by the minute and maintaining it is no small task.
Reasons to Kickstart an Information Governance Program
- Paperless Office
Research shows that the volume of paper records in organizations is increasing. With more and more content being added from various sources, its retention and deletion has become more important. And with duplication of records by digitizing them as a policy, there has been an exponential growth in electronic storage in addition to paper storage. Hence, more than ever, good information governance is required.
- Risky Business
Any data leak has a huge risk of loss of consumer confidence and bad publicity. Breaches in security can lead to fines, criminal prosecution in addition to loss of reputation. Loss of IP is another risk. Most organizations do implement Information Governance in some form or other, however its effectiveness can vary significantly. Regular training right from induction is the most effective tool in imparting good IG practices across employees.
- Should I Delete or Retain
In dealing with paper or electronic records, the governance policies applied vary widely. It is less likely that retention periods set as per policy are implemented on electronic records. People more often than not choose not to delete any form of electronic records as virtual storage is implied as free storage.
- Social Content Management
While most organizations record application-generated output (emails, forms etc) very few record dynamically generated personalized content (chats, office messengers etc.). Even less frequently monitored are employees interactions on social media or their use of cloud based social collaboration platforms (eg. Dropbox) for official use. All of these interactions can be potentially susceptible to breaches of acceptable use or insider malpractice.
Enterprise wide Information Governance Policies and System Strategies
If your organization already has an information governance policy in place, mechanisms need to be set in place to monitor compliance, include new media and content types as well as regular trainings to enforce governance amongst employees. In addition, investment in systems that help in classifying content as well as improve discovery process help immensely in reducing storage requirements.
To conclude, the post-paper record era, though more fascinating, is more susceptible to hacks and leaks if proper governance policies are not enforced.