What is “information governance”? Here are some definitions:
- TechTarget: “A holistic approach to managing corporate information by implementing processes, roles, controls and metrics that treat information as a valuable business asset.”
- Wikipedia: “The set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information at an enterprise level, supporting an organization’s immediate and future regulatory, legal, risk, environmental and operational requirements.”
- The IG Initiative: “The activities and technologies that organizations employ to maximize the value of their information while minimizing associated risks and costs.”
In short, information governance is about getting value out of information and minimizing the risks associated with managing it.
We are just about to publish a white paper focused on the return-on-investment associated with information governance. As part of that effort, we have conducted a survey with mid-sized and large organizations to determine the state of information governance today. Here are some highlights:
- Only 52% of the organizations surveyed have an information governance program today, but another 20% plan to do so within the next 12 months.
- The top three drivers used to justify an information governance program are risk avoidance, the risks associated with meeting regulatory obligations, and, somewhat surprisingly, maintaining or improving employee productivity.
- Despite the fact that most organizations have or will have an information governance program in place within the next 12 months, most organizations do not regulatory dispose of digital information from file share, SharePoint or related systems.
- Moreover, most organizations do not have in place a defensible disposition program.
- More than one-third of the organizations surveyed have had sensitive or confidential content stolen from them. This most often occurs from outside parties, but also a sizeable proportion of insider theft has occurred.
Our focus in the white paper will be on a) why information governance is an essential best practice for any organization, but particularly those with large amounts of sensitive, confidential or otherwise valuable information; and b) how to demonstrate the return-on-investment that can be realized by implementing an appropriate information governance program.
If you’d like an advanced copy of the white paper, please let us know.