Information governance is the development of a decision and accountability framework that defines acceptable behavior in the creation, valuation, use, sharing, storage, archiving, and deletion of information. It encompasses the policies, standards, processes, metrics, and roles guiding the efficient and effective use of information for an organization to realize its objectives. The term information governance is suitably broad to act as a reasonably comprehensive term. However, this also means the definition of that term is open to debate. As such, similar terms can also be heard which refer to similar disciplines and technology. This includes Data Lifecycle Management, Data Governance, and Information Management.
Information governance recognizes information as a strategic asset that must be subjected to high-level coordination and oversight. This ensures accountability, integrity, preservation, and protection of information enterprise-wide, and as a disciplined aims to treat the task holistically by removing silos and fragmentation, improving ROI on the technology and resources needed to manage information.
Micro Focus’ range of solutions that support this discipline has the label Information Management and Governance. This phrase broadens the definition to consider two strategically critical elements of effective information governance, namely the data and the employees.
Why is Information Governance Important?
Information governance (or Information Management and Governance – see above) is an emerging discipline so there is still some debate around the role it plays in the enterprise. Nevertheless, a well-implemented information governance program should yield the following benefits for the business at the minimum.
- Actionable, manageable data: organizations have a strategic opportunity and responsibility to analyze its data, and keep all of it safe throughout the full information lifecycle
- Support business objectives, priorities, and needs in line with organizational culture and available resources.
- Improve productivity by facilitating intelligent collaboration through information sharing. Employees across the organization work with the same version of a document in real-time.
- Ensure compliance with laws, regulations, industry standards, internal procedures, and legal discovery. Minimize the risk of noncompliance such as censure, penalties, prosecution, reputation loss, and financial loss.
- Improve information analytics capabilities. Access the information you need faster and easier because it’s better classified, supported, and secured.
- Improve ROI on business intelligence systems.
- Establish structure, control, and consistency over outsourced processes and systems.
- Increase staff awareness on key principles and policies of information management.
- Cut waste, eliminate duplication, reduce cost, and optimize information management expenditure.
- Minimize breaches by keeping information safe and secure.
- Base organization decisions on information needs and not available technology.
- Improve organizational agility. Give key decision makers an enterprise-wide perspective that recognizes impact on other stakeholders.
Information Governance vs Data Governance
The terms information governance and data governance are frequently used interchangeably. They do not however refer to the exact same thing. Understanding the differences between them is central to developing an effective approach to enterprise information management.
Information governance is a broad range of activities that covers all aspects of information within the organization. It is business-, legal- and compliance-driven. Components of information governance include categorization, information use definition, access management, records management, document handling, information lifecycle, secure removal (disposition), eDiscovery, cybersecurity, and, yes, data governance. In this sense, data governance is a subset of information governance.
Information governance professionals are skilled in records management, privacy, collaboration, discovery, and disposition.
Data governance focuses on the storage, transfer, and integrity of data assets. It’s IT-driven and involves data lineage, data security, data loss prevention, data service levels, and master data management. It’s a more established discipline than information governance.
Data governance experts have competence in data modeling, data architecture, data integration, data privacy, and master data management.
Effective data governance is a key component of enterprise information governance. However, good data governance does not of itself guarantee good information governance. An organization’s information management is at its best when there’s strong, fruitful collaboration between its information governance and data governance teams.
What is Information Governance Software?
Information governance software provides the automated tools the organization needs to comply with vast information governance demands. Identifying, analyzing, adopting, and implementing the right software is crucial in the realization of information governance objectives.
Information technology governance software often includes process and workflow automation solutions that digitize the repetitive and mundane elements of information governance.
What is an Information Governance Framework?
The purpose of an information technology governance framework is to establish the organization’s approach toward information management within a business, legal, and regulatory context. An effective framework covers the following areas.
Scope and Charter
Establish the scope of the information governance program. Set out the procedures that govern the creating, sharing, storage, and disposal of information. Define the management of all information and associated systems that affect the enterprise’s legal and regulatory obligations.
Roles and Responsibilities
Define the key roles and responsibilities in information governance. That includes the information governance committee, information governance team, information risk management team, information asset management team, records management team, business line managers, and employees.
Information Policies and Procedures
Some enterprise information will be created and stored by third parties. The framework establishes how the organization manages information with partners, suppliers, and stakeholders. Define how information governance affects contractual obligations and supplier relationships. Establish metrics that third parties are evaluated against to confirm conformity with information governance goals.
Business, Continuity, Disaster Recovery and Contingency
The framework should set out the process for reporting information losses, reporting information breaches, incident management, incident escalation, disaster recovery, and business continuity.
Audit and Review
Continuous monitoring of information access, information use, regulatory compliance, information security, infrastructure performance, and storage performance. Conduct regular risk assessments, audits, and reviews.
Key Components of Information Governance
Understanding the definitions and importance of information governance, data governance, and information governance framework is crucial. But what are some of the components of effective information governance?
Information Mapping and Evaluation
Locate, capture, manage, and store information wherever it resides within the enterprise. Identify the different types of structured and unstructured information in the organization. Where is the information stored? Who is in charge of it? Is it backed up? Is it relevant?
The management of information across its entire lifecycle, from capture to removal. It covers the identification, classification, storage, securing, retrieval, tracking, preservation, and destruction of records. As the name suggests, the focus here is on the granular element of the information, namely the record level. Other disciplines (see Knowledge Management, and Content Management, below) seek to further abstract the granularity of the information.
The creating, sharing, use, and management of information held by the organization in order to satisfy corporate objectives.
The creating, sharing, use, and management of information held by the organization in order to satisfy corporate objectives. This term emphasizes the value of the information being stored in terms of what it presents, i.e. as content.
Given this discipline is often associated with compliance initiatives, the necessity for rigor and security means the label Secure Content Management is often used.
Micro Focus’ Secure Content Management solution aims to maintain operational security and integrity by knowing what data is stored, who has access to it & what policies are most effective in managing.