Basic Principles to Establish an Information Governance Policy
Information Governance programs are a growing and critical component of how organizations manage their data and records. Understanding information governance and the information lifecycle is important because data impacts all areas of an organization, including regulatory compliance, litigation, continuous improvement processes, IT infrastructure, and business strategies, to name a few.
Additionally, an effective information governance program can help an organization understand what information it finds valuable, thereby enabling it to leverage the new capabilities provided by modern technology. For instance, twenty years ago if documents were requested in discovery a categorical document collection and review was undertaken. Today, eDiscovery technologies allow specificity with regards to file types, servers, formats and versions of documents; not to mention the additional efficiencies that may be gained through the use of analytic and clustering tools.
Basic principles of establishing a good information governance policy include:
- Take time to understand where your organization is currently situated with its governance programs and strategies.
- Identify what types of data and information are important to the organization and its industry.
- Design and implement effective data retention policies and schedules so that the important information is preserved in accordance with regulatory requirements and business need, and the rest can be properly and defensibly disposed of in due course.
- Train employees on the organization’s data policies, and how to correctly handle information.
- Executive sponsorship and top-down support of the information governance model established. While this is listed last here, executive buy-in is possibly the most critical component differentiating successful information governance programs, and those that fail.
An organization should have full awareness of how its information and records are being created, used, stored and managed (including what that information contains), and deleted. Additionally, only maintaining “clean” data and defensibly disposing of the redundant, outdated, and trivial data, in accordance with a well-established information governance policy, can be worth its weight in gold if it becomes necessary to retrieve data in response to litigation or government investigation. That, however, is a topic for another day.
If you would like more information about information governance or how information governance consulting services from TERIS can assist you, please contact us!