Best Practices in Information Governance
Total Page:16
File Type:pdf, Size:1020Kb
Best Practices in Information Governance Marydee Ojala ............. 20 Information Governance Gets Respect Ever get a song stuck in your head? Talking about information governance with experts in the field, I suddenly found myself reminded of Aretha Franklin’s classic Respect. In the back of my mind, she was spelling out R E S P E C T in that incredibly strong voice of hers as background music to my thoughts about how attitudes toward information governance have changed… Robert Cruz, .............. 22 Best Practices in Information Governance Actiance, Inc. Information Governance—as a discipline—has undergone a strange and wild ride over the past couple of years. Finally, we have moved past endless debates on definitions and usable frameworks, thanks to the efforts of the Information Governance Initiative (IGI) and other IG leaders and practitioners… Ken Lownie, . ............. 24 The Real Differentiators in IG Solutions Everteam Software According to Gartner, Information Governance (IG) is: “The specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information.”… Susan Emery, Viewpointe. ... 26 6 Ways to Keep Business Content from Getting Out of Control Regulated industries such as financial services, healthcare Produced by: KMWorld Magazine or insurance require business to balance innovation and Specialty Publishing Group risk mitigation. Can you keep pace with digital transformation For information on participating without risking security, privacy or retention policy in the next white paper in the “Best Practices” series, contact: requirements?… Kathryn Rogals Publisher 561.483.5190 Premium Sponsors: [email protected] KMWorld.com Marydee Ojala is conference Information Governance program director for Information Today, Inc. She works on Gets Respect conferences such as Enterprise Search & Discovery, which is co-located with By Marydee Ojala, Conference Program Director, Information Today, Inc. KMWorld, and WebSearch Marydee Ojala University, among others. She is ver get a song stuck in your head? Talking Cleaning Out the Garage a frequent speaker at U.S. and international Eabout information governance with ex- To find out more about Everteam’s take on information professional events. In addition, she perts in the field, I suddenly found myself re- information governance, I spoke with Firas moderates the popular KMWorld webinar series. minded of Aretha Franklin’s classic Respect. Raouf, the company’s CEO. He likens it to In the back of my mind, she was spelling out the laborious task of cleaning out your garage. Ojala is based in Indianapolis, Indiana and can be R E S P E C T in that incredibly strong voice It’s a task people tend to put off. It’s very easy reached at [email protected]. of hers as background music to my thoughts to put things into your garage, things you’re about how attitudes toward information gov- not sure what you want to do with long term ernance have changed. Just like Aretha re- but you’re not sure you should throw away. quested, information governance is getting Maybe, just maybe, you’ll need that old item Pain Points a lot more respect these days, both when it some day. And so you keep it, along with gets home and when it’s at the office. other “stuff,” until you can no longer park Raouf recommends against telling people And why would that be? Information your car in your garage. You know there’s 10 they need to implement information gover- governance is hardly a new concept. Gain- things you definitely need to keep, but you nance because they’re not likely to under- ing control over internal information has can’t find them amidst all the clutter. When stand information governance as a category. long been an important activity. However, Instead, ask them about their pain points. It too frequently it had low priority and inad- might be archiving legacy operations, mit- equate resources. Now that companies are “The principle of keeping igating storage costs, or migrating to the realizing the value of protecting informa- cloud. By focusing on pain points, you can tion, it is seen as a crucial part of business information stored just in start small, with one application. strategy. This is particularly true of regulat- Everteam’s approach is to focus on the ed industries, such as finance, insurance, case you might need it in pain point and bring in information gover- energy, and pharmaceuticals. the future is not a nance concepts. For example, add retention The Information Governance Initiative schedules to the metadata. This can be easier (IGI; iginitiative.com) is widely credit- good idea… Best practices said than done. Raouf once asked a custom- ed with moving the discipline forward. It er about his company’s retention policy and has legitimized information governance in information governance was told it was “keep for 10 years then dis- as a free-standing business exercise, dis- card.” His next question was if the destruc- tinct from enterprise content management stress having rules to tion process was managed. No, it wasn’t. (ECM). It is not seen as synonymous with Raouf concluded that meant the company information security but the two are most guide you in determining did not actually have a retention policy. definitely related—or perhaps joined at the what to keep, what Hacking is on many people’s minds, hip is a better way to phrase it. thanks to highly publicized events from re- to discard, and when to tail stores to entertainment companies. Thus, Components of Information information security is a growing concern take action.” for companies who don’t want to be the next Governance victim. Can you completely prevent attacks? But what do we mean by the term infor- Raouf thinks not, but you can certainly take mation governance? Everteam’s Ken Lownie the amount of stuff becomes overwhelming, steps to minimize risk and be less vulnera- points out that the definition of information you know it’s time to apply information gov- ble. The amount of information being stored governance is far from set in stone. It en- ernance techniques—although you probably has increased exponentially. But it’s not only compasses a number of different functional won’t call it that. the volume that makes enterprises vulnera- areas, including records management, infor- The principle of keeping information ble from a security standpoint, but also the mation security, knowledge management, stored just in case you might need it in the failure of a centralized command and control big data, and data science. future is not a good idea. In fact, it’s not re- mentality. Raouf estimates that today, with Lownie identifies five core capabilities of ally a principle of information governance. all the different places where information information governance: Best practices in information governance can reside, 80% could be outside the ECM ◆ Connecting to every piece of content and stress having rules to guide you in determin- system. That makes it difficult to regulate data within the organization ing what to keep, what to discard, and when and manage. Not only that, says Lownie, ◆ Discovering information by analyzing to take action. Take that software you bought ECM platforms are over 20 years old and content, cleaning it up, eliminating dupli- years ago when it was the latest and greatest. the information governance piece of it is fre- cation, and migrating to secure repositories But now it’s old and tired. It’s not just you: quently “an afterthought.” ◆ Archiving content with an eye toward how Most organizations have software that hasn’t You can’t clean out your garage, which long it should be retained been updated. “Old software never dies,” you’ve been filling up for years, in one af- ◆ Managing information to ensure legal commented Raouf. “It becomes entrenched, ternoon. You can’t set up an information compliance with tentacles everywhere. It’s hard to con- governance program that effectively solves ◆ Analyzing content across the enterprise, vince people to throw it out and to find the every problem on a short timetable, either. providing advanced search capabilities budget to justify replacement.” Get the CFO to acknowledge the problem, S20 KMWorld September/October 2017 start small, and take it one step at a time is need to be specific to the job role, Cruz says. involves not only traditional content but also Raouf’s advice. Perhaps the sales staff can use Skype for newer communication channels. business purposes but not turn on the vid- His first point is that information is all Value and Risk eo camera. Perhaps interactions on social over the place. This results in both increased media need to be reviewed before they are value and increased risk. It’s a business fact When considering risk, it’s the hack- uploaded. Perhaps some types of messaging that “content containing business records or ers who command attention. But that’s not are blocked completely. It’s important the sensitive information can be anywhere, in- a company’s only vulnerability. As Robert policy statements not be too stringent. This cluding the cloud.” Cruz, Senior Director of Information Gov- can have the effect of encouraging non-com- Secondly, there’s a real need for policies ernance for Actiance, Inc., explained when pliance. Policies should “help people do to be up to date. With new communication I talked with him, the value of information their jobs with the structure of the policy.” channels coming into favor (and falling out governance in mitigating risk lies in manag- of favor), policies should be reviewed on a ing the many communication channels that Gluing It All Together regular basis. Now that waiters take orders exist. He’s adamant that, although email is on iPads and no one uses quill pens, why not going away, there are probably 150 other Actiance, says Cruz, can “glue commu- would your information governance policy ways people are communicating.