Information governance

Information governance, or IG, is an emerging term used to encompass the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information at an enterprise level, supporting an organizations immediate and future regulatory, legal, risk, environmental and operational requirements.

Contents

Definitions of information governance

Because information governance is a relatively new concept, there is no standard definition as of yet. Gartner Inc., an information technology research and advisory firm, defines information governance as the specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals. [1]

As defined by information governance solutions provider RSD, IG enforces desirable behavior for the creation, use, archiving, and deletion of corporate information. [2]

To technology and consulting corporation IBM, information governance is a holistic approach to managing and leveraging information for business benefits and encompasses information quality, information protection and information life cycle management. [3]

Regardless of the exact wording, definitions of IG tend to go quite a bit further than traditional Records management in order to address all phases of the information life cycle. It incorporates privacy attributes, electronic discovery requirements, storage optimization, and metadata management. In essence, information government is the superset encompassing each of these elements.

History

Records Management and Information Governance

Records management deals with the retention and disposition of records. A record can either be a physical, tangible object, or digital information such as a database, application data, and e-mail. The lifecycle was historically viewed as the point of creation to the eventual disposal of a record. As data generation exploded in recent decades, and regulations and compliance issues increased, traditional records management failed to keep pace. A more comprehensive platform for managing records and information became necessary to address all phases of the lifecycle, which led to the advent of information governance. [4]

Information governance goes beyond retention and disposition to include privacy, access controls, and other compliance issues. In electronic discovery, or e-discovery, electronically stored information is searched for relevant data by attorneys and placed on legal hold. IG includes consideration of how this data is held and controlled for e-discovery, and also provides a platform for defensible disposition and compliance. Additionally, metadata often accompanies electronically stored data and can be of great value to the enterprise if stored and managed correctly. [5]

With all of these additional considerations that go beyond traditional records management, IG emerged as a platform for organizations to define policies at the enterprise level, across multiple jurisdictions. IG then also provides for the enforcement of these policies into the various repositories of information, data, and records.

Organizational structure

In the past, records managers owned records management, perhaps within a compliance department at an enterprise. In order to address the broader issues surrounding records management, several other key stakeholders must be involved. Legal, IT, and Compliance tend to be the departments that touch information governance the most, though certainly other departments might seek representation. Many enterprises create information governance committees to ensure that all necessary constituents are represented and that all relevant issues are addressed. [6]

Tools

To address retention and disposition, Records Management and Enterprise Content Management applications were developed. Sometimes detached search engines or homegrown policy definition tools were created. These were often employed at a departmental or divisional level; rarely were tools used across the enterprise. While these tools were used to define policies, they lacked the ability to enforce those policies. Monitoring for compliance with policies was increasingly challenging.

Because information governance addresses so much more than traditional records management, several software solutions have emerged to include the vast array of issues facing records managers. Some of these vendors include Open Text Corporation, RSD, HP’s Autonomy, EMC Corporation, and IBM.

Regulations

Key to IG are the regulations and laws that help to define corporate policies. Some of these regulations include:

IG In the News

Information governance was given national recognition in November, 2011 with a directive from President Obama to overhaul current records management processes within the government to encompass current needs more comprehensively. [10]

See Also

References

  1. ^ http://blogs.gartner.com/debra_logan/2010/01/11/what-is-information-governance-and-why-is-it-so-hard/ Gartner definition]
  2. ^ http://www.rsd.com/en/products/rsd-glass RSD information governance definition
  3. ^ IBM Survey Report
  4. ^ http://www.arma.org/pdf/WhatIsRIM.pdf
  5. ^ http://www.arma.org/erecords/index.cfm
  6. ^ [http://www.law.com/jsp/cc/PubArticleFriendlyCC.jsp?id=1202533945005 ALM IG Overview}
  7. ^ http://www.irs.gov/businesses/corporations/article/0,,id=236667,00.html
  8. ^ https://www.pcisecuritystandards.org/
  9. ^ http://www.moreq2.eu/
  10. ^ Presidential Memorandum – Managing Government Records

External links

Association of Records Managers and Administrators

Gartner Information Governance

Forrester Research information governance blog

Barclay Blair Information Governance Definition

RSD Official Website

EPA 10 Reasons for RM