What is Information Governance?




Editor’s Note: This post is a featured guest post by one of our IAI University Partners, Barry Murphy from the eDiscoveryJournal.

Barry MurphyThere’s a new category called “information governance” (Editor note: which may variously be called “content governance” or “enterprise content governance“) springing up in the marketplace.

With terms like information management, records management, and enterprise content management already out there, it’s likely that this new category will introduce yet another level of confusion. Never fear, though, information governance is a good category name that provides a framework for what I call the conservative side of information management.

Information is the lifeblood of businesses; you’ve heard term “information economy,” I hope.

I like to talk about information as the fuel on which businesses run.  Taking that analogy further, raw information assets are like oil – they need to be converted into fuel that can make an engine run; in the case of business, that fuel is knowledge.

As the early 2000’s evolved, knowledge management took a back seat and enterprise content management (ECM) moved to the front of the class. (Editor note: Knowledge Management [KM] vs Enterprise Content Management [ECM] as a technological system vs. business practice continues to cause confusion – although most of this is converging together for modern organizations)

The software giants (EMC, IBM, Microsoft, Oracle) and others like Interwoven, Open Text, and Vignette, rushed to build out their suite of ECM applications.

To be considered an ECM suite, the offering had to include the following components:

  • Document Imaging – the ability to process and store high-volume images of documents like insurance claims.
  • Document Management (DM) – the ability to provide library services and version control.
  • Records Management (RM) – the ability to declare and manage corporate records.
  • Collaboration – the ability to share content with team members.
  • Web Content Management (WCM) – the ability to publish and update web sites.
  • Digital Asset Management (DAM) – the ability to manage digital assets like powerpoint slides and movies.
  • COLD/ERM – the ability to capture and store enterprise reports, like the ones that were printed on that green and white wide paper (the acronym came from Computer Output to Laser Disk / Enterprise Report Management)

The market was on the right track – all of those functions are important to successfully managing unstructured content – but it was silly to think that any organizations could successfully put so many initiatives together when information is used across so many aspects of business.  When the Amendments to the Federal Rules of Civil Procedure took effect in December, 2006, information governance was born.  Not that the need for information governance didn’t already exist, but the FRCP amendments just brought the spotlight to the need.

When most people think of information management, they think of some pie-in-the-sky strategy for managing every information asset within an organization…and that’s basically true.  Many initiatives under the information management umbrella, however, are tenable.  There are many content-driven processes within every organization – think insurance claims, sales proposal management, human resources onboarding, and the list goes on and on.  The goal with these processes is to make sure that information assets are available easily to those (people or systems) that need the asset in a fast, efficient manner.  The information is the fuel of the business in these scenarios.

There has also been a lot of focus on making information available to employees quickly and easily.  This gave rise to mobile devices and social networking sites like FaceBook – these are faster ways to collaborate and share information.  Despite the business benefits, these applications pose risk because content gets harder and harder to control and monitor.  This is where information governance comes in – it turns the perspective on information management from providing fuel for the business to covering your a$$ (CYA for those that know the acronym).

Information governance is not a separate category from information management, but rather a different perspective of it – a more conservative one.

In a perfect world, organizations would bar applications that put content out of control, but efforts to stop people from doing what they want to do with information always fail.  Always.

Information governance is really the practice of putting in place measures to mitigate the risk.

For those of us in eDiscovery, information governance is about putting in place the right people, processes, and tools to be able to efficiently respond to requests for information. Those organizations that have good information governance programs in place know:

  • What information is retained
  • Where it is stored
  • How long it is retained
  • Who has access to it
  • How that data is protected
  • How policies, standards and regulations are enforced

Because eDiscovery initiatives are really part of information governance, they are closely related to records management, compliance, privacy, and security programs.

The challenge many organizations face is connecting these programs under one umbrella and correctly assigning ownership – sometimes to legal, sometimes to IT, and sometimes to compliance.

Each organization is different, but in general the following diagram is a good description for information governance.

Is information governance a hot topic at your organization?  Who owns it?  What types of projects are underway?  We’re always interested in learning more about what you’re doing, so feel free to contact us or comment on this journal entry.

– end article –

Where are you in your eDiscovery Education?

  • Unsure how to best proceed with an eDiscovery strategy?
  • Find the wide variety of tools and platforms available throughout the eDiscovery process to be a bewildering mish-mash of “marketing speak” from the vendor community?
  • Looking for a sanity check on how you are approaching eDiscovery, and where you can cut time, money and resources out of the equation?

Take advantage of our 4-Hour Online and On-demand eLearning course, “eDiscovery: From Legal Imperatives to Technical Solutions” created in partnership with Barry Murphy and Information Architected on our new learning platform, IAI University.

“Not only did Barry give us a comprehensive overview of the challenges organizations face with managing eDiscovery, but he also gave a detailed analysis of how to address those challenges.  Barry was able to take a complex subject with many moving parts and allow us to understand it in less than half a day.” – Greg Arnette, CTO and Founder, Sonian

The “eDiscovery: From Legal Imperatives to Technical Solutions” course has four modules and includes a 30-minute live call with Barry to discuss the course or any eDiscovery project you have in play.

Register Now for “eDiscovery: From Legal Imperatives to Technical Solutions”

Module 1: Understanding eDiscovery

  • Understanding and Defining eDiscovery
  • Federal Rules of Civil Procedure
  • The Electronic Discovery Reference Model

Module 2: The eDiscovery Imperative

  • The eDiscovery Imperative
  • The Challenge of Managing and Finding Information
  • The Immediate Impact of eDiscovery on Organizations
  • The State of eDiscovery Today
  • eDiscovery Trends to Consider

Module 3: Getting Started on eDiscovery

  • Critical Elements of Good eDiscovery Programs
  • Aligning Roles and Responsibilities
  • Creating Retention Policies
  • Near-term vs. Long-term Issues and Challenges

Module 4: Understanding the Complex Solutions Landscape

  • Understanding the Solution Landscape
  • Benefits Promised by eDiscovery Solutions
  • The Truth About eDiscovery Platforms
  • Positioning Solution Providers and Products
  • Final Thoughts and Considerations

Register Now for “eDiscovery: From Legal Imperatives to Technical Solutions”

Tags: , , , , , , , , , , , , , ,

Subscribe to the Blog

Subscribe Using RSS

Close

Fans

Testimonials/Quotes

“Dan and I served on the SANS GIAC Advisory Board where his knowledge and insight into security and organizational issues were keenly appreciated.”
by Stuart Berman, Security Architect Steelcase Inc.

Back

Organizations That Have Used Our Services Include:




Forward