Robert Fulghum, who brought us All I Really Need to Know I Learned in Kindergarten, sagely mused “[t]hink what a better world it would be if all … had a basic policy to always put things back where they found them and to clean up their own mess.” So true, throughout our lives, and
Selecting the right initial project(s), determining outcomes and measures, and preparing the business case are important groundwork for your Information Governance initiative, as discussed in Part 1. But to secure resilient management support for an ongoing initiative, you’ll also want to tie the individual projects to strategic objectives for Information Governance at your organization.
Management support is crucial for success with Information Governance initiatives. This is not merely a question of initial project and budget approvals. Most Information Governance initiatives involve behavioral changes in how data is handled, and in many instances, aspects of organizational culture may be impacted. No matter the ultimate benefits, any initiative involving behavioral change
They say that the right time to plant a tree is yesterday. In a world of data dangers and opportunities, the time to elevate how your business governs its information is now. That’s easy to say, but with all of the conflicting priorities facing companies today, for many it’s hard to get started, or to
Our firm’s elephant icon is a nod to The Blind M
en and the Elephant, the familiar, age-old parable for how we often do not see the big picture, but instead only the parts we directly encounter. And so it goes for organizations’ data. Individual company functions and departments often have their own, limited perspectives on information, seeing only the risks and opportunities with which they are directly familiar. Limited perspective yields limited perception – not a good thing for identifying, understanding, and controlling organizational risk.
I actually prefer a slightly different version, The Blind Elephants and the Man:
One day, six blind elephants were in a heated argument about what Man was like. To resolve their dispute, they sought out and found a man. The first elephant “felt” the man and then proclaimed “Man is flat.” Each of the other elephants, in turn, felt the man, and they all agreed.
The moral? Limited perspective not only yields limited perception – it can also lead to very bad results.
“Information Governance” has become an overused buzz-phrase, often trotted out as marketing mumbo-jumbo for selling technology tools. In all the hype one can easily lose track of what it really means. At its heart, Information Governance is no more – and no less – than making sure the organization sees the big picture of information compliance, cost, risk, and opportunity when making strategic decisions.
The Information Governance perspective is a ready-made, scalable resource. Any organization can make meaningful headway, right away, by simply adopting an inclusive IG perspective when addressing information matters, before investing in significant organizational changes and expensive technology tools.
What does this mean? Simply this – whenever any information-related issue is dealt with or decision will be made by your organization, be sure to ask the following:
Continue Reading Why govern our information? Reason #2: Your information risks and opportunities arise from a single source – your data. Your response strategies should be synchronized too.
As you toss and turn in bed, you picture yourself on a strange playing field with other athletes swirling around you. You have absolutely no idea what sport you are playing, nor a clue what the rules are. It all feels beyond embarrassing, and downright dangerous.
This is not just a bad dream – it’s the reality for companies possessing third-party data without clarity on what rules and responsibilities apply.
Most companies possess some data that they do not truly and solely own. Perhaps your company signs a nondisclosure agreement and obtains others’ information while evaluating a business opportunity. Or maybe your company is a service provider that receives or generates data on behalf of customers or clients. Your company has possession of the data, but it remains responsible to the third-parties if there’s a problem.
What kinds of problems? Well, what if the third party’s data is lost, corrupted, misappropriated, hacked, or held for ransom? What if the cost of maintaining the information, after the work concludes or need passes, becomes onerous? What if the information becomes relevant in future litigation? Who is authorized to make decisions about the information when the unexpected happens, and who is responsible for the expenses and exposures?
Information Governance – your organization’s strategic approach to managing information compliance, cost, and risk while maximizing information value – is tailor-made for this commonplace scenario. Here’s how it works:
Continue Reading Why govern our information? Reason #3: “Your” data may actually belong to others … and you’re responsible to take care of it.
If you’re old enough, you’ll remember a time when businesses actually kept their own information (cue my adult children to roll their eyes). How quaint. We no longer keep most of our information – providers do that for us. We store our data in the cloud, with cloud providers. We outsource business applications to SaaS providers, and even entire systems as PaaS. And we increasingly use service providers to handle key aspects of our business that we used to operate internally, resulting in a robust flow of data out of our businesses to such providers, and also the providers generating, receiving, and retaining huge troves of business data on our behalf.
But we’re still accountable for our information in others’ hands:
Our litigation preservation duties do not vanish for information hosted elsewhere but still in our control; our data security obligations do not evaporate when we house protected data with a service provider; our imperatives of data integrity and accessibility have no exceptions based merely on data storage location; and our records retention and destruction rules do not disappear if our data is hosted remotely. In other words, we still need to govern information compliance and risk for our business data in other’s custody.
And this is a perfect example of the value of Information Governance. A key benefit of the IG perspective is that it enables organizations to take useful strategies from one established discipline and apply them more broadly. The importance of service provider controls is well-established in the data security discipline. For example:
Continue Reading Why govern our information? Reason #4: Your business data is in others’ custody … but you’re still responsible for it.
The “business case” for information governance often focuses solely on quantifying specific costs for data management and exposures for data security and ediscovery. Number crunching is of course important, but it misses something bigger, more strategic, and ultimately more crucial to the organization – its brand. Companies, regardless of industry, are fundamentally in the information business. It follows that how an organization manages its information assets reveals how the organization manages itself. And that matters, a lot, because companies that align themselves with their brand, achieving brand discipline, are more successful.
In their seminal 1993 Harvard Business Review article, Customer Intimacy and Other Value Disciplines, Michael Treacy and Fred Wiersema made the case for how highly successful companies (1) understand and redefine value for their customers, (2) build “powerful, cohesive business systems” to deliver more of that value than their competitors, and (3) raise their customers’ expectations beyond what the competition can deliver. The most successful companies do this work within at least one of three disciplines: operational excellence, product leadership, or customer intimacy.
Treacy and Wiersema based their insights on an intensive study of 40 companies that achieved breakout success in their markets. They followed the article with their quintessential business strategy book The Discipline of Market Leaders. Twenty years later, this book is likely still on your CEO’s bookshelf.
What’s the point for information governance? It’s this – a successful company brand cannot be lipstick on a pig. It must be organic, a discipline that pervades the organization from the bottom to the top, inward and outward, in its core processes, business structure, management systems, and culture. And how your organization manages information value, cost, compliance, and risk is no exception. Simply put, stronger information governance yields a stronger brand for your business. And this is true for each of the three disciplines of highly successful companies:
Continue Reading Why govern our information? Reason #8: It can build – or bust – your brand
2017 was rife with data dangers. Nary a day passed without headlines of massive data breaches and ransomware attacks; Russian election-meddling through WikiLeaks and social media; fake news; and presidential tweet-storms. Disruptive information-driven technologies continued to emerge, from block-chain to biometrics, IoT, AI, and robotics. Meanwhile, the sheer volume of our personal and business data inexorably grew.
What better way to start 2018 than with a renewed commitment to Information Governance? So, here are a dozen reasons why your organization should govern its information, in 2018 and beyond:
Continue Reading 12 reasons to govern your information in 2018
Our firm’s elephant icon is a nod to The Blind Men and the Elephant, the familiar, age-old parable for how we often do not see the big picture, but instead only the parts we directly encounter. And so it goes for organizations’ data. Individual company functions and departments often have their own, limited perspectives on information, seeing only the risks and opportunities with which they are directly familiar. Limited perspective yields limited perception – not a good thing for identifying, understanding, and controlling organizational risk.
I actually prefer a slightly different version, The Blind Elephants and the Man:
One day, six blind elephants were in a heated argument about what Man was like. To resolve their dispute, they sought out and found a man. The first elephant “felt” the man and then proclaimed “Man is flat.” Each of the other elephants, in turn, felt the man, and they all agreed.
The moral? Limited perspective not only yields limited perception – it can also lead to very bad results.
“Information Governance” has become an overused buzz-phrase, often trotted out as marketing mumbo-jumbo for selling technology tools. In all the hype one can easily lose track of what it really means. At its heart, Information Governance is no more – and no less – than making sure the organization sees the big picture of information compliance, cost, risk, and opportunity when making strategic decisions.
Continue Reading Why govern your information? Reason #2: Your information risks and opportunities arise from a single source – your data. Your response strategies should be synchronized too.