What is information governance?
Information governance is the way in which information is used and managed. It’s an important practice which seeks to limit the risks involved in the management of data and ensure compliance.
Good information governance begins with an examination into how information is gathered and how data is kept, both digitally and on paper. Information governance also covers how this data is stored, and the ways in which a company intends to use the data. The sharing of data is also crucial, particularly with rules and regulations concerning the use of data becoming more robust.
Information governance practices often involve the use of information governance software, which aids businesses as they seek to manage their information in the best possible ways, make full use of all available data and comply with all current data regulations.
What are some information and data governance challenges?
Data and information are the lifeblood of modern business. But the sheer amount and variety of them in need of information governance and data management? Those are growing at an exponential rate. It’s become a Herculean task for business. Just a couple of the complexities they must deal with?
Coping with the Three V’s:
More companies are reliant on Big Data, which is defined by three key vectors – volume, variety, and velocity. All of these are growing rapidly, and mismanaging them can have serious consequences.
As early as 2015, UK-based fraud prevention company Semafone an OnePoll revealed that the overwhelming majority of consumers would not do business with a company that had been breached, especially if it had failed to protect its customers’ financial data, such as credit card numbers.
- Over 86% percent of respondents were “not at all likely” or “not very likely” to do business with an enterprise suffering a data breach involving credit or debit card data.
Today, more employees, stakeholders, and customers in more locations than ever may want or require access to your files and data. Especially if you’re a large or global enterprise. Many of them are now working remotely, on a variety of devices, so a company must both ensure access and maintain data security:
- More U.S. corporate employees work from home than ever before, rising 140% from 2005-2018.
- 4.3 million work from home at least half the time.
- From 2015-2016, the telecommuter population grew by 11.7%, the biggest YOY growth since 2008.1
How is information governance integral to success?
Information governance is an enterprise’s strategic approach to managing its information, whether in digital data, documents, or archival records, in order to support business outcomes.
It can involve a wide range of cross-disciplinary policies, procedures, controls, tools, and technologies that help a company meet regulatory, legal, and operational demands.
By balancing the proper use of data and information against regulatory and security demands, information governance via proper data management can:
- Maximize the value of that data to the company
- Enable legal compliance and risk mitigation
- Enhance operational transparency
- Reduce likelihood, instances, and costs of legal discovery and regulatory penalty
What is the difference between information governance and data governance?
Information governance and data governance are complementary areas, but are not exactly the same thing. By understanding more about each one, businesses can enhance their approach to overall information management.
As the name suggests, information governance relates to an organization’s information as a whole – including documents, records, cybersecurity, and data. In other words, data governance is one avenue of information governance.
The differences between the two lie mainly in where they are carried out and by who. Data governance is an approach to managing at a data level and is focused on maintaining the integrity of any data assets within an enterprise. At its essence, information governance is much more multidisciplinary and relies more on top-down leadership to ensure effective management and collaboration across silos.
By ensuring effective data governance, however, an organization can enhance its overall information governance. Both approaches are ultimately vital for risk mitigation and maximizing the value of your information. The two also naturally intersect within information governance software that includes data management and analysis tools.
What falls under information governance?
There are multiple elements to any successful corporate information governance program, and here are some of the mainstays:
The practice of managing and reducing the risks caused by unnecessary access to data. Employees may have access to data not required for their role or work, for example, or may try to access data via unsecured channels. Implementing it is often a matter of regulatory compliance, especially in sectors such as healthcare, financial services, or the legal industry.
Enterprise Content Management
ECM is the strategy and practice of capturing, managing, storing and delivering data and content by leveraging technology tools. ECM allows an enterprise to manage its unstructured information, wherever that data resides across the organization.
Audit trails (or audit logs) are chronological records that provide documentary evidence of the sequence of activities involved in a specific program, operations, workflow, or event. Capturing and preserving these, along with associated assets such as documents, messages, meeting records, et al, is critical in satisfying both internal reviews and regulatory oversight; a lack of a detailed audit trail can prove disastrous, especially in heavily-regulated industries.
Know Your Customer (KYC)
KYC is the process of verifying the identity of its clients or customers, and assessing any risks, especially legal or criminal, possible in that business relationship. KYC is a term that’s also specifically applied to the banking and anti-money-laundering regulations governing such activities.
Information Lifecycle Management
ILM refers to strategies and policies for administering digital storage systems, and encompasses data center and security infrastructures, backup and data protection, disaster recovery, archiving and long-term retention, data replication, and everyday storage architecture management.
Single Source of Truth
SSOT is the practice of structuring data models and architectures in such a way that every data element is stored just once, typically in a centralized d digital data management repository, in order to avoid duplicate or de-normalized versions. This way, everyone in an organization has access to the same authoritative data.
This is a function dedicated to managing data or information throughout its lifecycle, from its capture to its disposition. It consists of identifying, classifying, storing, securing, retrieving, tracking, and permanently preserving or destroying those records.
A discipline for creating, sharing, using and managing the knowledge and information held by an enterprise in order to reach corporate objectives by making optimum use of that knowledge.
This refers to the discovery process in legal proceedings such as litigation, government investigations, or Freedom of Information Act requests, where the data or documentation being sought is in Electronically Stored Information (ESI) format.
Information Governance Software
More enterprises are adopting information governance tools like data management software and ECM solutions to cope with data governance demands. Evaluating, adopting, and implementing these tools can be a key responsibility for information governance professionals.
Process and workflow automation software solutions are increasingly being used to digitize and automate the mundane and repetitive aspects of Information Governance-related processes. This greatly enhances the speed and accuracy of these processes, while reducing error and cost.