Information governance is slowly moving beyond its traditional image as a center of risks and costs as it evolves into a technology practice that delivers added value for companies.
That was one of the themes yesterday in a CMSWire Webinar, "Real Customer Successes: Business Transformation with Information Governance." The speakers were Barclay T. Blair, executive director and founder of the Information Governance Initiative (IGI), and Stephen Ludlow, the director of product marketing at OpenText who leads that company's e-discovery and information governance (IG) practice.
The core of the presentation was a preview of a benchmarking study by IGI that is based on interviews with 30 information governance managers. You can watch the full webinar by clicking here or at the end of this story. The full IGI study is scheduled to be released in January.
"This was motivated by the observation of clients and organizations around the globe struggling with the same problems," Blair said. "There's a tremendous amount of information they're creating, and [they're] trying to use that, trying to extract value from that information in an intelligent way, to try to transform their businesses to remain competitive."
Blair offered a "sneak peek" into the findings by sharing several of the lessons from the interviews in the hour-long program, which was sponsored by OpenText, an enterprise information management vendor. He began with this definition for information governance, which he said was approved by more than 90 percent of the organization's members: "The activities and technologies organizations employ to maximize the value of their information while minimizing associated risks and costs."
Ludlow, whose company was a charter member of ICI, noted "the starting point for most organizations still seems to be this idea that content sources need to be managed in order to reduce a lot of the perceived cost and risk." He explained that information governance doesn't even necessarily involve technology.
"You could have policy about your instant messages that doesn't involve technology," he said. "It's simply an internal policy about how long you keep your instant messages and how they're considered from a policy perspective in terms of them being considered conversational or transitory in nature."
Blair's case studies provided cameos of the various challenges and opportunities facing information governance professionals in several types of companies. For example, the first involved an IG leader for a large technology service company that is just starting to take information governance seriously. The motivation to adopt formal IG policies stemmed from the move to the cloud with Office 365.
"There's money and political capital to clean information up, get information organized and so on" and that, Blair said, is prompting the company to review the way it handles information. Specifically he said there's a growing awareness that it's "frankly stupid to move the pile of stuff from one environment to another."
As a result, a lot of ROI models have embrace the notion of adopting IG guidelines that help to determine what information needs to be moved and what doesn't.
"I do think, however, that most management structures at most organizations are not up to the task of actually ensuring that governance considerations are baked into the IT process," he said. "And I think that's a problem."
Need to Know
A second case involved an IG manager in a large biotech company that is spending heavily in information governance because its intellectual property is its key asset. The manager was initially assigned to retain that property. In the process of implementing data-loss processes, however, it became apparent that the same technologies can help in other areas.
"It's not only retention, it's security, it's privacy, it's what is this from a business perspective and who needs to have it, and how do we marshal that to actually generate value and make new discoveries," said Blair.
Because the act of classifying the data requires expertise of the subjects, it also makes it easier to limit access to the information to those who need to know it.
Ludlow noted a benefit of that approach is that "it really removes the end-user from the equation, which is really important most of the time when you consider the amount of information we're talking about capturing."
A third example involved an information manager at a major insurance company that was striving for simplicity in the way it manages its information. For an insurance company, that information is vital to defend itself from future claims that it made mistakes. Blair likened that to a sort of insurance for its business.
"The challenge here is that a lot of this is not simple," said Blair. The company operates in many countries, with different regulatory agencies demanding different types of information or imposing different restrictions on the data. The call for simplicity stems from the notion that complicated approaches reduce productivity.
Ludlow noted that many companies believe its easier to keep all the information forever, but that isn't really the case when one considers the legacy systems, added costs of storage and other factors.
"Everybody understands and agrees that there are definitely risks and costs associated with storage, e-discovery and investigations, digital privacy rights associated with European companies and offshoots," he said. "There's the idea that we need to be able to understand the information we have and understand personally identifiable information in our content. There's certainly lots and lots of risks and costs."
But he said that information governance also has to be about creating value for the company. "I'm beginning to see that information governance needs to be about more than risks and costs," he said.
Blair agreed, saying most IG programs are founded on the idea of managing risk, but "ultimately the opportunity and long-term value proposition of information governance is to build from that foundation and find a way to deliver value," he said.
For example, he said, large construction companies often find themselves the targets of lawsuits from building owners who allege they made major errors in putting up a building.
The construction company may be right, but in the years it takes the case to work its way through the courts, the owner earns income on the tens of millions of dollars in withheld payments.
An effective IG process can help the construction company prove its innocence quickly, clearing the way for payment.
Another of the benchmarking interviews centered on an information manager at a major manufacturer who had a hard time generating any support for an IG program from the C-suite. Blair said that's a common issue.
"There's no senior executive waving the flag for them. There's no sponsor for the IG program," he said. "There's a perception that the activities are really focused on the risk and cost side, and it's not something big business leaders want to spend a lot of time on unless they're regulated."
The manager focused on smaller projects that demonstrated the value propositions of a strong IG program. That helped convince the company's chiefs that IG is more than a risk-and-cost consideration.
Ludlow agreed it's very important to have executive backing. He said there remains a desire to show how IG adds value, but the perception is still that it's only impacting risks and costs.