For many organisations, information governance is treated as a means to meet the bare minimum requirements of data compliance regulations. But the benefits of sound information governance run way deeper than that, including cost and efficiency savings, says George Parapadakis, Director of Business Solution Strategy at Alfresco Software.
I meet hundreds of IT decision makers every year and I am particularly fascinated when we hit the subject of information governance. For example, I often hear that most organisations are confused about where to start and are convinced that their competitors are in far better shape than they are.
It might surprise you to learn that your competitors are probably about the same distance along the information governance path as you are, since most organisations have yet to truly gain control of their data, which often exists – unclassified – in siloes. The challenge comes when IT decision makers try to regain control of their data, seeking ever-cheaper storage solutions as corporate data continues to rise exponentially. Continuously migrating data to cheaper storage is not a long-term solution. Information governance can help contain the exponential growth patterns, by managing information proactively, based on its intrinsic business value.
IT decision makers, after years of procrastination, are eventually confronted by the inevitable question: When it comes to dealing with information governance – if we don’t tackle it now, when will we?
Taking a strategic approach to information governance
Many organisations do just enough with their information governance to ensure compliance with ever-changing data regulations across the world. Information security and data privacy are often treated separately from data management.
If the purpose of IT is to deliver services across the business, then IT decision makers should not adopt a “let’s just stay out of trouble” approach, but rather look to run an efficient set of services. After all, the goals of compliance and wider data management are the same: gaining control of our data to deliver wider business benefits.
For example, most information that organisations hold is redundant. This could include duplicate content, out-of-date documents, and draft or trivial information. Reducing content volumes lowers storage requirements and costs, accelerates finding the right information, increases work cycles and makes data analysis and information governance that much easier. This leads to great visibility, which leads to better business decision making. The “keep everything, just in case” mentality of most legal departments, is no longer a viable operational model.
Taking control of information governance
Organisations need to shift their mindset away from compliance, to taking control of information. Most companies cannot even begin to consider leveraging Artificial Intelligence (AI), machine learning (ML), blockchain, or any exciting emerging data technologies until they have built a deep culture of data quality and data control.
Many IT decision makers I meet are unclear on where to start. It’s a big topic, certainly, but I always reiterate that information governance is not that hard to do. You don’t necessarily need to outsource to a big consulting firm and engage of years of process re-engineering.
It all starts by bringing method and structure to information governance. Be sure to align governance to your business strategy and don’t be driven solely by compliance. Not all information is equal, so tier your data, prioritising your most sensitive data that would be most compromising in a privacy or competitive breach.
Also, be sure to build a future-proof, self-governing platform by automating information governance. Information does not exist in a void, so be sure to use governance controls in your process design and let the system drive that. Automation reduces risk, ensures consistency and reduces operational overheads.
At Alfresco, we recommend the following steps for sound information governance:
1) Aim for invisible information governance
Take advantage of technologies that enable information governance to happen behind the scenes, such as using intelligent classification and embedded governance controls, which take away the onus of compliance from the end-users.
2) Manage records holistically
A strong information governance programme requires a unified records management strategy. Look to manage records with a central hub, so that information disposition schedules run consistently and frequently, with complete transparency and auditability.
3) Build in extra controls
Look at features that allow your business to limit which information assets people are allowed to see, and what they can do with them. In today’s strict data protection regulations, this is essential.
4) Future-proof your solution
Make sure your solution is equipped for the future. This includes looking for cloud-ready solutions with an open architecture that is able to scale and manage multiple file types. Make sure it is certified or can support leading industry governance standards like DoD 5015.02 and ISO:15489
There is so much more to information governance than purely meeting compliance regulations. The question now is where along that journey is your organisation, where do you want to take it and how are you going to get there? How confidently can you answer that today?
George Parapadakis is the Director of Business Solutions Strategy at Alfresco Software, Inc, an enterprise open-source software company focused on driving the convergence of Enterprise Content Management (ECM) and Business Process Management (BPM). Previously, he worked in ECM Strategy and Market Development at IBM UK Ltd, where he was part of the management team that delivered IBM's $20m+ Enterprise Content Management (ECM) business in the UK. George was also Director of ECM Risk and Compliance Solutions at FileNet Corporation, and earlier a Principal Consultant in the Technology Solutions Group at Capgemini UK Plc.
George has over 25 years’ experience in Content Management, Process Management, and Information Governance. He has delivered solutions and consultancy across multiple industries including banking, insurance, public sector, pharmaceuticals, and legal. He is a regular writer, speaker and social media contributor on Information Management, Compliance and Operational Improvement topics.