Information Governance: Not A Product, Not A Technology, Not A Market

The Information Governance report is out! Over the last few months I've test-driven my thoughts and data with many vendors and enterprise customers via conference presentations, webinars, and one-on-one discussions. For those who have shared their thoughts with me - thank you! Forrester subscribers can access it here.

Information Governance is red hot right now, and it was time for Forrester contribute a view on how IG helps companies meet their core corporate missions. Of course, better, consistent fulfillment of compliance obligations is essential, but so are objectives such as customer service, revenue growth, and improved agility in oh-so competitive markets. IG is not just about getting rid of junk content, it is - more importantly - about instilling trust in the data and communication we use to run our businesses.

Software is not a silver bullet for information governance. Look beyond vendor hype - IG is not something to go buy so you can say your company has it. Look at IG as an evergreen corporate objective, enabled by programs, policies, people- and yes, a range of technologies.

I'm going to add to the IG definition war this week, by describing information governance as:

"A holistic strategy for using and managing information to meet business objectives. Information governance assures the quality of content and data, maximizes its value, and ensures that security, privacy, and life-cycle requirements are met".

Business objectives. These may include cheaper, faster eDiscovery. Or more accurate responses to regulators. Or getting rid of redundant digital debris chewing up valuable storage space. These are the typical IG use cases we hear from vendors. But corporate technology spend is shifting. More funding is being allocated to serving the needs of client-facing roles, like sales, marketing, and customer service. Companies are reducing storage costs by adopting cloud services - not just by destroying duplicates and expired records. Companies focused on ongoing continuous improvement are not just spending time deleting smoking guns, but they're figuring out how to stop them from being fired in the first place. It's time to move the needle from reactive to proactive.

Sustainable IG programs don't focus exclusively on one problem. Sustainable programs shift their priorities and projects to align to the key, funded corporate objectives. The top driver in 2015 might be a refreshed electronic records management system, but next year it might be consolidation of CRM systems, or anonymizing historical data to feed into a big data pilot. Evergreen, relevant IG programs must shift as corporate priorities shift. 

IG strategy teams need to embrace new stakeholders. Most current reference models for IG depict "The Business" as a monolithic block, next to roles for technology, privacy, security, legal and compliance. Sustainable programs will decompose "the business" into specific key roles that drive corporate mission. Sales, R&D, marketing, customer support, M&A - these varied stakeholders will have different IG expectations. Don't gloss them over into one segment.

It's also time for an "outside-in" view for IG. Put yourself in the seat of a customer, a partner, a regulator. What do they expect from your organization or institution regarding their information? What guardrails and guidelines need to be around information as they progress through their journey with you? Do they expect it to be secured, yet instantly found when there's an urgent call for service. Will it be appropriately disposed of to prevent breach when the engagement is over? Brand and customer trust must be built into IG priorities.

These external perspectives can help build a stronger business case for an IG program, because it's easier to tie IG into currently funded programs. Key takeaway? Stop asking how to get C-level attention on your IG program....and go to where C-level attention is already focused. 

Comments

Piggybacking IG onto a large IT program - but stay neutral

Great blog. Agreed: IG is not a product/technology/market (though advanced org’s may well want to invest into an IG tool to support an IG program). Your “outside-in” view is prescient as well – indeed, we live in a world with more scrutiny by regulators and where suppliers are increasingly dependent on high data quality in the org’s they serve, esp. if they buy customer data from them.

Interesting proposition in your closing para which suggests to latch an IG program onto an existing C-level sponsored IT program to get attention, approval and funding. While this is indeed, sadly, often the best or only way to get it started, IG leaders must be careful not to limit their scope to the interests of the piggybacked IT program.

Indeed there are benefits from NOT being too close to any particular program. IG data standards, policies, processes, definitions, hierarchies etc. work best if they are seen as neutral, program-agnostic, serving all business units, business functions, geographies and systems equally.

I love this sentiment as the

I love this sentiment as the primary goal of IG: "it is - more importantly - about instilling trust in the data and communication we use to run our businesses."

Thank you Cheryl for this

Thank you Cheryl for this refreshing approach on information governance. This is a much needed insight: IG is about instilling trust in the information and communication we use to run our business." So with Nick that makes two of us loving this 'sentiment'. ;-)

Thank you, Cheryl, for making

Thank you, Cheryl, for making clear what IG isn't. And I like the focus on 'business objectives' in your definition of IG.

Your post is also refreshing in that it doesn't equate IG with RIM (as I unfortunately see a lot) - IG is more than RIM, although RIM is definitely a part of a successful IG Program.