Every organisation is different. It has unique business challenges and goals. This means that every Information Governance programme is also different and needs to address the specific information requirements of that organisation.
However, there will be some areas in your business that are common to any Information Governance programme. You will need to identify the information sets with your organisation and then set best practise policies in all of the key areas.
This section of the web site sets out some Best Practice advice and tips when planning an Information Governance programme.
Engage an Executive Sponsor
Information Governance will set the drivers, policies, strategies and core processes that information owners need to manage information within the organisation. To ensure success, it is critical to have the right people at the table. The programme requires an Executive-level level sponsor. The CIO, CFO, CTO or General Counsel will add authority as policies and procedures are rolled out.
Establish a Multi-Disciplinary Council
An Information Governance programme will affect every part of the organisation so broad and deep support from executives and managers is required. A multi-disciplinary committee – often called a Council – should be established to drive planning and execution. The best way to approach Information Governance is to roll out the programme through a series of smaller manageable projects. As a result your committee may change over time to include those managers that are directly involved with the current projects.
Involve IT and Business Users From the Start
Information Governance is often driven by the legal department but there are two groups that should also be involved. Representation from IT is essential if the correct technology solutions are to be selected and the life cycle of Information Governance projects are synchronised to the life cycle of IT systems. Business users are needed too because they are best placed to determine the value of the information they use. They can determine which information they need access to, how they would like to access the information and also what information is not required for business operations.
Take the Long View
Experience has shown that an Information Governance programme usually takes around three to five years. Anything less and it is unlikely that all of the potential benefits will be realised. If it takes much longer to deliver tangible benefits to the organisation, the programme is increasingly likely to falter and fail.
Start Small, Think Big
Many organisations begin their Information Governance programme by attempting to re-engineer their legacy information. For most, this is a massive task. A better approach is to focus on building the foundation of the environment that the organisation wishes to move towards. Once that is established, the organisation can start work on small projects that begin to move to full Information Governance. For example, tackling information within email is a quick, cost-effective way to gain some benefits. In this way, an organisation can clean up their existing environment as it implements each new project.
Create a Central, Flexible Policy
Information Governance policy should be created and maintained centrally so that there is one central source of policy that can be understood, documented and defended, All information sources governed by that central policy can be searched once and information returned. This approach results in significantly less cost and time invested, in lieu of examining each and every different system of record of corporate information. It provides the basis for simplifying the organisation’s information structure where there can be one information item or document that is a ‘single version of the truth’.
Adopt ‘Active Compliance’
Effective regulatory compliance is one of the key benefits of Information Governance. However, compliance is sometimes viewed as a cost to the business. If an organisation adopts ‘Active Compliance’ it can be utilised to drive competitive advantage. Through Active Compliance the organisation automatically adhers to industry-established best practices and procedures. Risks are automatically minimised. As all of the organisations within that industry have to comply with the regulations, companies can benefit from the delivery of better products and services that fit into compliance frameworks.
Integrate Information Governance With all Business Programmes & Projects
It is easy to see Information Governance as a separate business programme. It should really be viewed as an ethos. The easiest way to ensure that Information Governance is consistently applied throughout your organisation is to ensure that all of your business programmes and projects include an Information Governance component from the outset. Then, over time, Information Governance won’t be seen as a separate business activity, but just a natural part of your business operations.
Employ the Carrot AND the Stick
It is hard to incentivise people to adopt Information Governance, but thinking creatively provides an opportunity to make staff understand the benefits to their daily operations. For example, show staff how the programme can deliver the information they need while also removing the bulk of useless information they don’t want. This approach has to be backed up with full training on your Information Governance approach and underlying IT systems. In addition, you should have enforceable, appropriate, clearly communicated and understood penalties for non-compliance.