Unmasking Information Governance: What is it and how do I move it forward in my organization?

Robinson+Cole Data Privacy + Security Insider
Contact
LinkedIn
Facebook
X
Send
Embed

The heightened state of information security in recent years has instigated genuine collaboration, in many organizations, amongst its professionals in IT, records, security, risk, compliance, and other stakeholders in business management.  After the various perspectives are heard, the need is clear – an Information Governance (IG) strategy.

What is IG?  Wikipedia roughly defines IG as a set of multi-disciplinary structures, policies, procedures, processes, and controls implemented to manage information at an enterprise level, supporting an organization’s immediate and future regulatory, legal, risk, and operational requirements.  This definition resonates with me and broadly covers the range of information-related concerns facing virtually all businesses today.

How do I move IG forward in my organization?

Establish a steering committee.  An effective IG program requires perspective, steering, and ultimately enforcement by a wide range of stakeholders such as the CEO, CIO, chief legal counsel, risk officer, compliance officer, and a variety of line-of-business executives.

Communicate goals and objectives.  While many of the objectives will relate to security, privacy, risk, and compliance, clearly stated goals that speak to operational efficiency, knowledge management benefits, reducing IT infrastructure costs, and more effective utilization of staff resources will more easily win the support of executive management and the organization as a whole.

Formalize a policy.  Keep the policy document as short and easy to digest as possible.  The document will cover key policies, such as information security, privacy, legal compliance, records and information management.  There is a real opportunity to include policies regarding document organization and naming standards, knowledge management, accuracy and completeness, and other information quality benefits.  Roles will also be formalized in the policy document and appropriate authorities granted to support enforcement.

Rollout and ongoing education.  Key to the success of an IG program is enterprise-wide adoption.  The rollout needs to touch just about everyone in the organization and ongoing training is a must to achieve stated goals and objectives.

Establishing an effective Information Governance program is no small task and this writing barely touches the iceberg.  On the other hand, getting to a set of shared goals and objectives and realizing the benefits, from a risk mitigation and operational effectiveness perspective, is the first big step toward a successful implementation.

[View source.]

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Robinson+Cole Data Privacy + Security Insider | Attorney Advertising

Written by:

Robinson+Cole Data Privacy + Security Insider
Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide