A metal cattle brand with the word brand as the marking areaThe “business case” for information governance often focuses solely on quantifying specific costs for data management and exposures for data security and ediscovery.  Number crunching is of course important, but it misses something bigger, more strategic, and ultimately more crucial to the organization – its brand.  Companies, regardless of industry, are fundamentally in the information business.  It follows that how an organization manages its information assets reveals how the organization manages itself.  And that matters, a lot, because companies that align themselves with their brand, achieving brand discipline, are more successful.

In their seminal 1993 Harvard Business Review article, Customer Intimacy and Other Value Disciplines, Michael Treacy and Fred Wiersema made the case for how highly successful companies (1) understand and redefine value for their customers, (2) build “powerful, cohesive business systems” to deliver more of that value than their competitors, and (3) raise their customers’ expectations beyond what the competition can deliver.  The most successful companies do this work within at least one of three disciplines: operational excellence, product leadership, or customer intimacy.

Treacy and Wiersema based their insights on an intensive study of 40 companies that achieved breakout success in their markets.  They followed the article with their quintessential business strategy book The Discipline of Market Leaders.  Twenty years later, this book is likely still on your CEO’s bookshelf.

What’s the point for information governance?  It’s this – a successful company brand cannot be lipstick on a pig.  It must be organic, a discipline that pervades the organization from the bottom to the top, inward and outward, in its core processes, business structure, management systems, and culture.  And how your organization manages information value, cost, compliance, and risk is no exception.  Simply put, stronger information governance yields a stronger brand for your business.  And this is true for each of the three disciplines of highly successful companies:
Continue Reading Why govern our information? Reason #8: It can build – or bust – your brand

3d blue cubes come together from different directions.Dr. Stephen Covey reminded us that “important” is not the same thing as “urgent.”  Records retention reminds us that important is not the same thing as exciting.  I get it – records retention schedules are boring.  But the fact remains that literally thousands of records retention requirements apply to your organization’s information.  I know, because my firm finds and tracks these laws as part of our decades of retention schedule work for clients across industries.  And your regulators expect you to know them too.

Records retention requirements generally apply to information’s content, regardless of the information’s medium – electronic data, paper, you name it.  The requirements are scattered across the federal and 50 states’ statutory and regulatory codes, often with unusual retention mandates.  Here are just a few:
Continue Reading Why govern our information? Reason #11: Thousands of federal and state records retention laws apply to your company

Image of one hundred bill burning “If your clients don’t have a records management system, they may as well take their money out into the parking lot and set it on fire.”

– Former U.S. District Court Magistrate Judge John Facciola

We all know that ediscovery is expensive, and various research reports have so confirmed. The definitive Rand study, Where the Money Goes: Understanding Litigant Expenditures for Producing Electronic Discovery, found that median costs for collection, processing, and review are $17,507 per gigabyte (roughly 3,500 documents or 10,000 e-mails).  The math is not pretty – a case involving 482 GBs of source data could exceed $8 million in ediscovery costs.

And on top of that are preservation costs. The  Preservation Costs Survey demonstrated that large companies incur significant fixed costs for preservation (for in-house ediscovery personnel and also for procurement and maintenance of legal hold management and data preservation technology systems), averaging $2.5 million annually.  More significant is the cost of employee time lost in complying with legal holds.  While companies with up to 10,000 employees incur the average time cost of over $428,000 per year, costs for the largest companies exceed $38 million per year.

There is indeed great complexity in how to cost-effectively process huge amounts of data through the ediscovery funnel. Tighter management of ediscovery processes continues to be important.

But as we ponder how to cut costs, let’s not confuse symptoms with causes:
Continue Reading Why govern our information? Reason #12: Unnecessary business data causes unnecessary litigation costs

“GarGarbage Dumpbage in, garbage out” – we know that already, right?  Well … what we know about information quality and what we do are not always in sync. Just for kicks, consider information quality through the lens of the industrial quality movement.

Looking down from 30,000 feet, the history of industrial quality goes something like this – Medieval Guild craftsmanship, then Industrial Revolution product inspection, and then the post-World War II focus on quality process management.  It sounds arcane, until one remembers the 1980’s visceral fear that Japanese manufacturers were beating the pants off of U.S. manufacturing in terms of quality and value. Enter W. Edward Deming, who had been deeply influential in Japan’s post-war industrial recovery, and who became the evangelist for quality management practices in U.S. industry.  Deming exhorted American management to adopt product and service quality as the driving force in all business practices.

What’s that got to do with Information Governance?  It’s this – regardless of industry, in today’s world you’re actually in the information business.  So, business quality increasingly means information quality.  
Continue Reading Why govern your information? Reason #5: Bad information results in bad decisions.

disk cleanupIn a previous post I suggested that Information Technology is really in a good position to help identify and clean up ROT (redundant, obsolete, and trivial information).  Sometimes, though, IT needs a helping hand to get the attention of those who can approve a budget for clean-up initiatives.  Here’s where Audit comes in.

Over the years, I’ve seen many information governance clean-up programs come to life in the wake of an expensive e-discovery effort, or an embarrassing and costly data breach.  Needless to say, such events draw the attention of the C-suite and boards of directors.  That attention usually translates into emergency funding and action to shut down e-mail retention, delete old files, and generally do what should have been done all along: better manage information.  Audits, whether external or internal, can serve the same function.

Continue Reading InfoSec Audit’s role in cleaning up ROT

When Earth Day rolls around each year, I can’t heEarth in human handslp but think of the picnic scene from Mad Men.  After Don Draper chucks his empty beer can into the pond, Betty snaps the blanket, dumping their litter across the grass, before trundling the kids off to the family car (12 MPG, leaded gas, with no emissions control).

Mad Men‘s magic was culture clash, the shocking contrast between the oblivious then – sexism, homophobia, humans as ashtrays – and our enlightened now.  What makes the picnic scene so memorable is the gobsmacking environmental thoughtlessness of that era, in which the only things green were money and envy.

And my, how far we’ve come.  We reduce, reuse, and recycle. Some of us compost, and others glare at the poor souls who still occasionally litter.  We spend extra money for energy-efficient vehicles and appliances.  We tend to buy local and organic, and we worry about chemicals in our food and water.  Most folks are concerned about climate change and believe we need to change human behavior to slow it.  In short, we devote significant thought, time, effort, and resources to be environmentally responsible.

At the same time, we remain completely oblivious to the swirling plumes of data exhaust we emit every day, and the toxic accumulations of data in the landfills of our devices, servers, and cloud accounts.  When it comes to data pollution, guess what – we’re Don and Betty.Continue Reading Earth Day and data pollution

Twenty percent solutionOK, IT mavens, listen up…how much better would your life be if you only had to manage and protect 20% of your company’s data? By eliminating 80% of your data you could free up oodles of storage, reduce licensing costs, shorten backup cycles, and drastically cut e-discovery preservation costs, not to mention go home on time for a change.  For most this is an unrealistic pipe dream, but it doesn’t need to be.  The trick is knowing which 20% to manage.
Continue Reading The 20% solution for information management and security

Wild Horses in Pens
https://www.kickstarter.com/projects/wildhorses/wild-horses-0

As a horsewoman, I have followed the plight of the American Mustang in recent years, and I am once again struck by parallels with the management—or lack thereof—of information.   Good intentions, poor execution.  Hopes that the problem would disappear.  Management by crisis.  Inattention leading to untenable yet continuing costs.   Fighting factions with competing agendas and differing views of the facts, with no resolution.

A little background:Continue Reading Roundups and records—it’s still the Wild West in 2016

A metal cattle brand with the word brand as the marking areaThe “business case” for information governance often focuses solely on quantifying specific costs for data management and exposures for data security and ediscovery.  Number crunching is of course important, but it misses something bigger, more strategic, and ultimately more crucial to the organization – its brand.  Companies, regardless of industry, are fundamentally in the information business.  It follows that how an organization manages its information assets reveals how the organization manages itself.  And that matters, a lot, because companies that align themselves with their brand, achieving brand discipline, are more successful.
Continue Reading Why govern your information? Reason #8: It can build – or bust – your brand

3d blue cubes come together from different directions. Dr. Stephen Covey reminded us that “important” is not the same thing as “urgent.”  Records retention reminds us that important is not the same thing as exciting.  I get it – records retention schedules are boring.  But the fact remains that literally thousands of records retention requirements apply to your organization’s information.  I know, because my firm finds and tracks these laws as part of our many years of retention schedule work for clients across industries.  And your regulators expect you to know them too.Continue Reading Why govern your information? Reason #11: Thousands of federal and state records retention laws apply to your company