Our firm’s elephant icon is a nod to The Blind Men and the Elephant, the familiar, age-old parable for how we often do not see the big picture, but instead only the parts we directly encounter. And so it goes for organizations’ data. Individual company functions and departments often have their own, limited perspectives on information, seeing only the risks and opportunities with which they are directly familiar. Limited perspective yields limited perception – not a good thing for identifying, understanding, and controlling organizational risk.
I actually prefer a slightly different version, The Blind Elephants and the Man:
One day, six blind elephants were in a heated argument about what Man was like. To resolve their dispute, they sought out and found a man. The first elephant “felt” the man and then proclaimed “Man is flat.” Each of the other elephants, in turn, felt the man, and they all agreed.
The moral? Limited perspective not only yields limited perception – it can also lead to very bad results.
“Information Governance” has become an overused buzz-phrase, often trotted out as marketing mumbo-jumbo for selling technology tools. In all the hype one can easily lose track of what it really means. At its heart, Information Governance is no more – and no less – than making sure the organization sees the big picture of information compliance, cost, risk, and opportunity when making strategic decisions.
The Information Governance perspective is a ready-made, scalable resource. Any organization can make meaningful headway, right away, by simply adopting an inclusive IG perspective when addressing information matters, before investing in significant organizational changes and expensive technology tools.
What does this mean? Simply this – whenever any information-related issue is dealt with or decision will be made by your organization, be sure to ask the following:
- What information is involved, owned by whom, and in whose custody?
- What privacy requirements and risks are involved?
- What data security requirements and risks are involved?
- What intellectual property rights and risks are involved?
- What records & information management requirements and risks are involved?
- What litigation preservation and discovery repercussions and risks are involved?
I can’t think of an organizational decision related to information that wouldn’t benefit from this exercise, be it adopting a mobile device or remote work policy; or reconfiguring external access to IT systems; or pushing data, systems, or platform out to the cloud; or selecting vendors that will have system access; or outsourcing business operations to a service provider; or adding social media features to an intranet, extranet, or public website; or hiring personnel from a competitor; or acquiring or divesting a business unit; or moving the corporate headquarters; or launching a web-commerce site; or engaging in big data analytics; or monetizing data; or exploring use cases for AI or blockchain; or adding Internet of Things elements to the business model; or … you name it.
Of course more questions can be asked, and the above questions should include consideration of legal requirements, contractual relationships, and business needs. But the point is to make ourselves look beyond our comfortable silos, to see the big picture of information compliance, cost, risk, and value.
Like many worthwhile things, this is simple, but not necessarily easy. We tend to shy away from questions we don’t readily know how to answer, which helps explain why we end up in silos. Answering such questions may require input from various stakeholders, with different perspectives, and their input will need to be synthesized to inform the ultimate decision. But asking these questions helps bring into the decision-making process those who have a stake in the decision and its repercussions.
The Information Governance perspective, in and of itself, will yield better decision-making by your organization on any information-related issue or opportunity. It’s worth the effort to see the entire elephant … before anyone gets stepped on.