Information Governance is more important than ever because the majority of large enterprises have a data problem. While just about every large company claims to be “data-driven” and focused on leveraging new technologies like artificial intelligence (AI) and machine learning, the evidence suggests that few are backing up this talk with real action. In fact, it can be argued that data is actually more of a liability than an asset in many organizations.
NewVantage Partners, a consulting firm that helps large enterprises with “data-driven business transformation,” recently released a survey that examined how companies were faring in their attempts to govern and utilize their data. Top-level executives from 64 of the Fortune 1000—including companies like General Motors, Johnson & Johnson, Ford Motor Company, American Express, and General Electric—were surveyed. The results were troubling, to say the least.
Of the executives surveyed:
- 72% felt that their company hadn’t created a “data culture” yet;
- 69% said that they hadn’t been able to create a data-driven organization;
- 53% believed that they weren’t properly treating data as an asset yet;
- 52% admitted they weren’t competing effectively on data and analytics;
- Only 31% identified themselves as being “data-driven” (down from 37% in 2017).
An article by Leandro DalleMule, Chief Data Officer at AIG, and Thomas H. Davenport, author and Senior Adviser at Deloitte Analytics, in Harvard Business Review highlights the same data challenges in large enterprises.
“Cross-industry studies show that on average, less than half of an organization’s structured data is actively used in making decisions—and less than 1% of its unstructured data is analyzed or used at all,” the authors state. “More than 70% of employees have access to data they should not, and 80% of analysts’ time is spent simply discovering and preparing data. Data breaches are common, rogue data sets propagate in silos, and companies’ data technology often isn’t up to the demands put on it.”
What Is Information Governance?
As Crossing the Chasm author Geoffrey Moore has said: “Without big data, you are blind and deaf and in the middle of a freeway.” But as the examples above show, too much data can be just as debilitating. With information overload, trying to make smart decisions can feel a bit like playing chess in the middle of a rock concert—it’s very hard to block out the noise and focus on the signal.
Enter information governance. Gartner defines information governance as “the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information. It includes the processes, roles, and policies, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.”
It’s not exactly a new concept—industries like healthcare have had to consider how it manages the sensitive information it holds for a long time—but new technologies and competitive landscapes have changed the nature of information governance and forced enterprises to dedicate far more resources to it.
Forrester writes about information governance: “Customer obsession and the move to digital business are disrupting information governance (IG) processes as content and communication move to cloud and collaborative platforms. But lifecycle management of business records remains at the core of compliance obligations and preserving institutional memory. Enterprise architecture (EA) professionals must fit records and information management into a business technology (BT) agenda.”
Old-school recordkeeping, where a single source of truth could more easily be kept and the organizational custodians of information were clear, has been replaced with a new world where information governance professionals need to consider the impact of things like enterprise collaboration platforms, social media channels, application programming interfaces (APIs), and third-party integrations. In short, questions around where information resides, how it’s protected, who has access to it, and what companies should actually do with it is not as clear-cut as they once were.
ARMA International and Information Governance
When it comes to addressing the new challenges of information governance, the Association of Records Managers and Administrators (ARMA) International has played a significant role over the last decade. The non-profit organization, which describes itself as wanting “to be the driving force that enables organizations to harness the strategic power of information,” created The Principles (also known as the Generally Accepted Recordkeeping Principles) in 2009 to help companies improve their approach to information governance, and updated them in 2017. The eight principles act as a standard of conduct and illustrate how modern enterprises should:
- Oversee information management to ensure accountability within the organization;
- Manage information in a way that is open and transparent;
- Guarantee the authenticity and reliability of information;
- Classify and protect information that should not be accessible by all;
- Comply with all relevant recordkeeping regulations;
- Maintain the availability and accuracy of information;
- Retain information for regulatory, legal, and historical requirements;
- Dispose of information no longer required.
The Information Governance Maturity Model
With ever-larger data volumes and increasing data sources to contend with, adopting this standard of conduct isn’t easy. To help further, ARMA International has also released the Information Governance Maturity Model as a quality improvement tool.
ARMA states that “an organization can determine the maturity of its information governance practices—for a specific department, division, geographic location, or the entire organization—by evaluating them against the characteristics of effective information governance provided by the Maturity Model.
“After determining its maturity, an organization may—based on its defined business needs and risk tolerances—target different levels of anticipated maturity achievement and/or different areas of the organization for each of the eight Principles.”
The Information Governance Maturity Model classifies organizations into five distinct levels:
- Substandard: Here an organization is barely considering information governance risks and doesn’t have the most basic of systems and processes in place.
- In Development: An organization has realized the importance of information governance and is putting a governance program in place, but is still facing substantial risks because of a lack of systems and processes.
- Essential: Information governance now plays a central role within the organization and meets the minimum regulatory and legal requirements associated with information governance.
- Proactive: As the name of this level suggests, the organization is proactive in its approach to information governance and not content to merely meet the minimum requirements; it is aiming to continuously improve.
- Transformational: Meeting requirements have become utterly routine. Information governance has evolved to the point where the focus is not merely on regulation and legal requirements but is now offering a competitive advantage and even improving client service.
Buzzwords like artificial intelligence and machine learning have everyone talking about how big data can make an organization more competitive and efficient. But as the Information Governance Maturity Model illustrates, doing this effectively requires a lot of prior work. Before enterprises can start thinking about how to use data in a proactive and transformational way, the foundational blocks of information governance need to be put in place. Only once a certain maturity level has been reached and information is no longer a liability, can large amounts of data become a meaningful asset.
For a great starting point, check out ARMA International’s manual, Implementing the Generally Accepted Recordkeeping Principles.
PageFreezer assists organizations with the information governance and lifecycle management of online data, including webpages, enterprise collaboration content, and social media channels. Visit our Information Governance Page or simply request more information.