Are there weaknesses in your company’s data management strategies? If your information governance roles aren’t clearly defined, then it’s likely there are.
According to analysts, information governance is how organizations “enforce desirable behavior in the creation, use, archiving and disposition of corporate information.” Information governance’s goal is to “ensure compliance with laws and regulations, mitigate risks and protect the confidentiality of sensitive company and customer data.”
Failure to comply with such regulations can result in significant penalty, legal liability and loss of reputation. Check out Information Governance is Good Business for more information on this big topic.
While it’s clear to see why information governance is important, implementing it is not without its challenges. One of the major challenges stems from insufficient collaboration among key stakeholders, according to EDRM’s (Electronic Discovery Reference Model) Information Governance Reference Model (IGRM).
IGRM seeks to help stakeholders understand their responsibilities, processes and practices for information governance—as well as understand the importance of collaboration across the enterprise.
According to IGRM, the key responsibilities are divided among three key groups:
- Business users. They need the information to operate the organization and are the primary stakeholders. Their responsibility is to define and declare the specific value of information.
- Legal, risk and regulatory departments. Once business value has been established, these stakeholders are chartered to manage risk for the company. They define what to put on hold and what and when to collect data for discovery. They also are charged with ensuring regulatory obligations for information are met, including what to retain and archive and for how long.
- IT organizations. They must manage the information accordingly, ensuring privacy, security and appropriate retention. Without collaboration with the other two sets of stakeholders, IT can’t speak to what information has value or what duties apply to specific information.
Once an organization has established these roles, the hope is that the diagram can be used to facilitate better cooperation, cross-functional processes and better information governance.
It can be hard work to design an information governance program and then implement it across the enterprise—but establishing who does what and fostering collaboration among the stakeholders can mean a huge payoff in terms of reduced risk and increased data security.