Information governance practices must be updated as laws, technologies, and business models change. Here are seven ways to make sure you’re governing your data effectively.
Extract from an article by Lisa Morgan
Assess Where You Are
Developing effective data and information governance policies takes time. It’s an evolving process. Like any other business or IT endeavor, reaching a desired end is easier if the status, goal, and steps necessary to meet the goal are defined, agreed to, supported by, and acted upon by the stakeholders.
“You need to conduct an assessment of how the information is being managed throughout the organization, taking into account the governance principles that pertain to the integrity, disposition, retention, and availability of the data, as well as compliance requirements and accountability,” said Rimon Law partner John Isaza.
Tie It To The Business
Information and data governance policies can affect the business positively and negatively. Unless the policy is designed with the needs of the business and its customers in mind, its value is uncertain.
“It’s really important to understand early on what your business objectives are for doing this. It may be you want to improve the first-time resolution of customer queries, or that you want to reduce waste in the manufacturing process. [Regardless,] it’s important to have that insight from the beginning so you can prioritize and measure progress,” said Tim Jennings, chief research officer at global advisory firm Ovum. When data governance has a purpose, it can be measured against outcomes. Companies are more likely to get engagement if they seek assistance on a business level, as in improving customer inquiry turnaround times, as opposed to improving data quality scores.
Information and data governance collectively require multiple types of expertise and generally involve people from multiple disciplines. You’ll need expertise in IT systems, business domains, security, privacy, compliance, records management, and legal. The group may be chaired by the CIO, chief data officer, chief information governance officer, or another individual who has the authority to make a final call and can be held accountable.
Define A Policy
Information and data governance policies can’t be followed unless they’ve been defined in the first place. If there are missing pieces, serious problems can arise. For instance, in the electronic design automation space, Synopsys sued Magma Design Automation for patent infringement, which cost Magma $72 million. Of that sum, $30 million to $40 million was spent tracking down information that was demanded as part of the litigation. The companies settled the lawsuit out of court, and eventually Synopsys acquired Magma.