What Does Your Information Governance Program Look Like?

June 17, 2013

data governanceInformation Governance, otherwise known as the collection of policies, structures and practices used to ensure the confidentiality, security and ethical use of information, is an on-going initiative for most organizations.

data governanceInformation Governance, otherwise known as the collection of policies, structures and practices used to ensure the confidentiality, security and ethical use of information, is an on-going initiative for most organizations. However, like other information management disciplines, companies struggle to meet these challenges for one fundamental reason: they fail to focus on the enterprise-wide nature of data management problems. They incorrectly see information as a technology or IT issue, rather than as a fundamental and core business activity.

At MIKE2.0, we believe Information Governance should be implemented across the entire organization- its people, processes and technology. Listed below are the most important factors to a successful Information Governance (IG) program:

  • Accountability. Because of the ways in which information is captured–and how it flows across the enterprise, everyone has a role to play in how it is governed. Many of the most important roles are played by individuals fairly junior in the organization. They typically play a key role data capture stage and often cause–or see-errors on a first-hand basis. Certain individuals need to be dedicated to IG. These roles are filled by senior executives such as the CIO, Information Architects, and Data and Content Stewards.
  • Efficient Operating Models. The IG approach should define an organizational structure that most effectively handles the complexities of both integration and IM across the whole of the organization. Of course, there will typically be some degree of centralization as information flows across the business. However, this organizational model need not be a single, hierarchical team. The common standards, methods, architecture, and collaborative techniques so central to IG allow this model to be implemented in a wide variety of models: physically central, virtual, or offshore. Organizations should provide assessment tools and techniques to progressively refine these new models over time.
  • A Common Methodology. An IG program should include a common set of activities, tasks, and deliverables. Doing so builds specific IM-based competencies. This enables greater reuse of artifacts and resources, not to mention higher productivity out of individuals. It also manifests the commonalities of different IM initiatives across the organization.
  • Standard Models. A common definition of terms, domain values, and their relationships is one of the fundamental building blocks of IG. This should go beyond a traditional data dictionary. It should include a lexicon of unstructured content. Defining common messaging interfaces allows for easy inclusion of “data in motion.” Business and technical definitions should be represented and, just as important, the lineage between them easy to navigate.
  • Architecture. An IM architecture should be defined for the current-state, transition points, and target vision. The inherent complexity of this initiative will require the representation of this architecture through multiple views. This is done in Krutchen’s Model. Use of architectural design patterns and common component models are key aspects of good governance. This architecture must accommodate dynamic and heterogeneous technology environments that, invariably, will quickly adapt to new requirements.
  • Comprehensive Scope. An IG approach should be comprehensive in its scope, covering structured data and unstructured content. It should also include  the entire lifecycle of information. This begins with its initial creation, including  integration across systems, archiving, and eventual destruction. This comprehensive scope can only achieved with an architecture-driven approach and well-defined roles and responsibilities.
  • Information Value Assessment (IVA). Organizations (should) place a very high value on their information assets. As such, they will view their organization as significantly de-valued when these assets are unknown–or poorly defined . An IVA assigns an economic value to the information assets held by an organization. The IVA also how IG influences this value. It must also measure whether the return outweighs the cost, as well as the time required to attain this return. In this vein, current methods are particularly immature, although some rudimentary models do exist. In this case, industry models must greatly improve, much like what has occurred in the past ten years in the infrastructure space.
  • Senior Leadership. Senior leaders to manage their information, and deal with related issues. CIOs, for example, must face a host of business users who increasingly demand relevant, contextual information. At this same time, leadership teams often blame failures on “bad data.” In the post Sarbanes-Oxley environment, CFOs are asked to sign off on financial statements. To this end, the quality of data and the systems that produce that data are being scrutinized now more than ever before. CMOs are being asked to grow revenues with less human resources. New regulations around the management of information have prevented many organizations from being effective. Senior leaders must work towards a common goal of improving information while concurrently appreciating that IM is still immature as a discipline. The bottom line is that there will be some major challenges ahead.
  • Historical Quantification. In the majority of cases, the most difficult aspect of IM can be stated very simply: most organizations are trying to fix decades of “bad behavior.” The current-state is often unknown, even at an architectural or model level. The larger the organization, the more complex this problem typically becomes. Historical quantification through common architectural models and quantitative assessments of data and content are key aspects of establishing a known baseline. Only then can organizations move forward. For such a significant task, this assessment must be conducted progressively–not all at once.
  • Strategic Approach. An IG program will need to address complex issues across the organization. Improvements will typically be measured over months and years, not days. As a result, a strategic approach is required. A comprehensive program can be implemented over long periods of time through multiple release cycles. The strategic approach will allow for flexibility to change. However, the level of detail will still be meaningful enough to effectively deal with complex issues.
  • Continuous Improvement. It is not always cost-effective to fix all issues in a certain area. Sometimes, it is best instead follow the “80/20 rule. An IG program should explicitly plan to revisit past activities. It should build on a working baseline through audits, monitoring, technology re-factoring, and personnel training. Organizations should look for opportunities to “release early, release often.” At the same time, though, they should remember what this means from planning and budgeting perspectives.
  • Flexibility for Change. While an IG program involves putting standards in place, it must utilize its inherent pragmatism and flexibility for change. A strong governance process does not mean that exceptions can’t be granted. Rather, key individuals and groups need to know exceptions are occurring–and why. The Continuous Improvement approach grants initial workarounds. These then have to be re-factored at a later point in order to balance short-term business priorities.
  • Governance Tools. Measuring the effectiveness of an IG program requires tools to capture assets and performance. Just as application development and service delivery tools exist, organizations need a way to measure information assets, actions, and their behaviors.

(information governance / shutterstock)