The Information Governance Initiative (IGI) released “The State of Information Governance Report, Volume III on March 1, 2018 (SIGR-III). Based on a survey of approximately 100,000 people who work in Information Governance (IG) in their organization, it reveals some key insights about the importance of IG and also a (perhaps) surprising increase in adoption of IG projects. It seems an appropriate time to reflect on IG and how it can maximize value and reduce risk.
There is a growing recognition, reflected in the SIGR-III, that IG is one of the broadest categories of internal business activities. It is usually described as subsuming compliance, E-Discovery, and privacy, for example. IGI has developed a pinwheel infographic which depicts IG as touching upon all organizational activities and functions.
IG is not a product that an organization can simply purchase or install; it is a practice, similar to the risk-based approach that has emerged in compliance disciplines. It is an ongoing way of doing business that becomes easier over time but really has no end. Its lifecycle moves through many stages: evaluation, collection, measurement, analysis, development, implementation, evaluation, reporting, training and finally audit.
The goal of all this is to move away from an ad hoc system where individual users decide how information is to be generated, used, valued, shared, stored and deleted. The ad hoc approach is fraught with risk. By managing and optimizing an organization’s IG system we move to one that is designed to maximize value and minimize risk. In other words, “IG by Design”.
SIGR-III demonstrates that business has got the message. Some of the key findings include:
VAST INCREASE IN IG PROJECTS - the number of respondents who have never undertaken an IG project dropped by a whopping 90% in one year resulting in only 2% of respondents never having undertaken an IG project;
ORGANIZATIONS REALIZING VALUE - the number of organizations reporting that they are extracting business value from the information they hold has increased by 30% to 46%;
TONE FROM THE TOP – senior executives are getting more involved;
CYBERSECURITY CONNECTION – organizations are increasingly aware that IG is “essential to strong cybersecurity”.
SIGR-III describes a business world that is changing rapidly and starting to get a hold on the reality that effective information governance is no longer an option. It is a business necessity.