Gimmal Blog

Read the latest thought leadership and industry news from the experts at Gimmal!

All Posts

Your Information Governance Program Needs to Include IT

Based on a recent study, the majority of IT executives said their organization is either in the process of implementing an information governance program or planning on doing so. This study broke down the organizations into either "high performing" or "low performing" based on their results.

Not surprisingly, those that scored as "high performing" had information governance programs that included more of their departments in the process, including IT.  By nature of this inclusion, they also included more of the organization's data including email and file shares.Additionally, it looked at what tools were being used. File and email archiving were the most popular with 87% and 86% of organizations using them respectively. The study also asked about which information governance tactics were in place. The most popular was to "issue formal data use policies to the organization". This was closely followed by "requiring employees to identify data that is confidential". Another very important element of any information governance program is employee training. The good news is that 84% of companies reported as having something in place to train their users on storage and archiving.

Those organizations involved in implementing an information governance program were asked what tactics they were evaluating and testing. "Leveraging policies to delete data" was the most popular, followed by implementing a "compliance platform to assist them in responding to regulatory requests" and an "information lifecycle management tool for unstructured data". Finally, an eDiscovery tool is something these organizations were interested in evaluating as well.

As mentioned earlier, based on this data and the grades the organizations gave themselves, they were separated into either "high" or "low" performing. The high performing organizations were 50% more effective against their information governance program goals. The specific area where the high performing group had the largest gap was "deleting data with no value". We have talked about ROT data in the past, and it's clear here it is a major factor. In fact, the high performers were nearly three times more likely to actively measure ROT data.

The report also identified the top five tools and tactics related to an organization's information governance program effectiveness.

Top 5 IG Tools:

  • Tools to discover violations of data use policies
  • File classification and analysis solutions
  • File archiving
  • Information governance platform
  • Email deduplication to reduce the volume of archived data

Top 5 IG Tactics:

  • Assign a risk score to each piece of information stored
  • Conduct file-type assessments to prevent build-up of non-mission critical files
  • Identify and remediate orphan information (e.g., data owner has left company)
  • Training employees on policies and procedures for storage and data archiving
  • Measuring cost per byte for data archived and/or stored

Finally, three recommendations for an effective information governance program were offered:

  1. Conduct a policy deployment audit: Determine if your policies are being enforced.
  2. Empower decision-making: Establish a data valuation framework that empowers decision-making. High performers control data growth by understanding the value of their data.
  3. Mitigate risk: Engage your cross-functional stakeholders in a risk prioritization exercise. This will ensure the alignment of all priorities and the ability to execute against them.

I would wholeheartedly agree with these recommendations, specifically around engaging cross-functional stakeholders. As mentioned, involving all departments including IT is a critical step in a truly effective information governance program. To take a look at the current state of your organization's information governance, click below to download our IG Assessment Guide.

Posted by Andrew Borgschulte

Related Posts

Why Should Records Management be Important to You

Why should an organization care about records management? When users throughout all departments are creating new records without a thought to how they are cataloged or tagged, the sprawl of records can become a real threat. Unstructured data can lead to compliance issues for highly regulated industries. When proper records management isn’t a top priority, content that should have been disposed of for security purposes is left vulnerable for anyone to find and distribute.  

Creating Compliance in Chaos: A Consultant's Story

Records and Information Management (RIM) is constantly changing and evolving as record managers begin to realize the benefits of automation in their daily operations. In my 6 years of consulting, I have seen everything from heavily manual business processes to automated document management solutions.  Even as time goes by, information professionals continue to face the long-standing hardship of trying to get end users to comply with either internal or external regulations when it comes to records management.  Lately, there has been an apparent shift from ridged business centric solutions to end user centric solutions. 

Gimmal at ARMA International InfoCon 2019

Once a year, members in the records management community come together for ARMA’s annual conference to discuss the latest advancements and best practices for modern information managers.  ARMA, the global authority of information management and governance, hosted this year’s conference, ARMA InfoCon, in Nashville, TN. While attendees were not in the typical “record” industry that Nashville is known for, the location called for a great mix of music and information management knowledge.