Information governance is slowly moving beyond its traditional image as acenter of risks and costs as it evolves into a technology practice that deliversadded value for companies.
That was one of the themes yesterday in a CMSWire Webinar, "RealCustomer Successes: Business Transformation with Information Governance." The speakers were Barclay T. Blair, executive director and founder of theInformation Governance Initiative (IGI), and Stephen Ludlow, the director ofproduct marketing at OpenText who leads that company's e-discovery andinformation governance (IG) practice.
The core of the presentation was a preview of a benchmarking study byIGI that is based on interviews with 30 information governance managers. You can watch the full webinar by clicking here or at the end of this story. Thefull IGI study is scheduled to be released in January.
"This was motivated by the observation of clients and organizationsaround the globe struggling with the same problems," Blair said. "There'sa tremendous amount of information they're creating, and [they're] trying to usethat, trying to extract value from that information in an intelligent way, totry to transform their businesses to remain competitive."
Blair offered a "sneak peek" into the findings by sharing severalof the lessons from the interviews in the hour-long program, which was sponsoredby OpenText, an enterprise information management vendor. He began with thisdefinition for information governance, which he said was approved by more than90 percent of the organization's members: "The activities andtechnologies organizations employ to maximize the value of theirinformation while minimizing associated risks and costs."
Ludlow, whose company was a charter member of ICI, noted "the startingpoint for most organizations still seems to be this idea that content sourcesneed to be managed in order to reduce a lot of the perceived cost andrisk." He explained that information governance doesn't even necessarilyinvolve technology.
"You could have policy about your instant messages that doesn't involvetechnology," he said. "It's simply an internal policy about how longyou keep your instant messages and how they're considered from a policyperspective in terms of them being considered conversational or transitory innature."
Blair's case studies provided cameos of the various challenges andopportunities facing information governance professionals in several types ofcompanies. For example, the first involved an IG leader for a large technologyservice company that is just starting to take information governance seriously.The motivation to adopt formal IG policies stemmed from the move to the cloudwith Office 365.
"There's money and political capital to clean information up, getinformation organized and so on" and that, Blair said, is prompting thecompany to review the way it handles information. Specifically he said there's agrowing awareness that it's "frankly stupid to move the pile of stufffrom one environment to another."
As a result, a lot of ROI models have embrace the notion of adopting IGguidelines that help to determine what information needs to be moved and whatdoesn't.
"I do think, however, that most management structures at mostorganizations are not up to the task of actually ensuring that governanceconsiderations are baked into the IT process," he said. "And I thinkthat's a problem."
Need to Know
A second case involved an IG manager in a large biotech company that isspending heavily in information governance because its intellectual property isits key asset. The manager was initially assigned to retain that property. Inthe process of implementing data-loss processes, however, it became apparentthat the same technologies can help in other areas.
"It's not only retention, it's security, it's privacy, it's what is thisfrom a business perspective and who needs to have it, and how do we marshal thatto actually generate value and make new discoveries," said Blair.
Because the act of classifying the data requires expertise of the subjects,it also makes it easier to limit access to the information to those who need toknow it.
Ludlow noted a benefit of that approach is that "it really removes theend-user from the equation, which is really important most of the time when youconsider the amount of information we're talking about capturing."
A third example involved an information manager at a major insurance companythat was striving for simplicity in the way it manages its information. For aninsurance company, that information is vital to defend itself from future claimsthat it made mistakes. Blair likened that to a sort of insurance for itsbusiness.
"The challenge here is that a lot of this is not simple," saidBlair. The company operates in many countries, with different regulatoryagencies demanding different types of information or imposing differentrestrictions on the data. The call for simplicity stems from the notion thatcomplicated approaches reduce productivity.
Ludlow noted that many companies believe its easier to keep all theinformation forever, but that isn't really the case when one considers thelegacy systems, added costs of storage and other factors.
"Everybody understands and agrees that there are definitely risks andcosts associated with storage, e-discovery and investigations, digital privacyrights associated with European companies and offshoots," he said."There's the idea that we need to be able to understand the information wehave and understand personally identifiable information in our content. There'scertainly lots and lots of risks and costs."
But he said that information governance also has to be about creating valuefor the company. "I'm beginning to see that information governance needs tobe about more than risks and costs," he said.
Blair agreed, saying most IG programs are founded on the idea of managingrisk, but "ultimately the opportunity and long-term value proposition ofinformation governance is to build from that foundation and find a way todeliver value," he said.
For example, he said, large construction companies often find themselves thetargets of lawsuits from building owners who allege they made major errors inputting up a building.
The construction company may be right, but in the yearsit takes the case to work its way through the courts, the owner earns income onthe tens of millions of dollars in withheld payments.
An effective IG processcan help the construction company prove its innocence quickly, clearing the wayfor payment.
Another of the benchmarking interviews centered on an information manager ata major manufacturer who had a hard time generating any support for an IGprogram from the C-suite. Blair said that's a common issue.
"There's no senior executive waving the flag for them. There's nosponsor for the IG program," he said. "There's a perception that theactivities are really focused on the risk and cost side, and it's not somethingbig business leaders want to spend a lot of time on unless they'reregulated."
The manager focused on smaller projects that demonstrated the valuepropositions of a strong IG program. That helped convince the company's chiefsthat IG is more than a risk-and-cost consideration.
Ludlow agreed it's very important to have executive backing. He said thereremains a desire to show how IG adds value, but the perception is still thatit's only impacting risks and costs.