June 24, 2016

Your Information Governance Program Needs to Include IT

4 minute read

Based on a recent study, the majority of IT executives said their organization is either in the process of implementing an information governance program or planning on doing so. This study broke down the organizations into either "high performing" or "low performing" based on their results.

Not surprisingly, those that scored as "high performing" had information governance programs that included more of their departments in the process, including IT.  By nature of this inclusion, they also included more of the organization's data including email and file shares.Additionally, it looked at what tools were being used. File and email archiving were the most popular with 87% and 86% of organizations using them respectively. The study also asked about which information governance tactics were in place. The most popular was to "issue formal data use policies to the organization". This was closely followed by "requiring employees to identify data that is confidential". Another very important element of any information governance program is employee training. The good news is that 84% of companies reported as having something in place to train their users on storage and archiving.

Those organizations involved in implementing an information governance program were asked what tactics they were evaluating and testing. "Leveraging policies to delete data" was the most popular, followed by implementing a "compliance platform to assist them in responding to regulatory requests" and an "information lifecycle management tool for unstructured data". Finally, an eDiscovery tool is something these organizations were interested in evaluating as well.

As mentioned earlier, based on this data and the grades the organizations gave themselves, they were separated into either "high" or "low" performing. The high performing organizations were 50% more effective against their information governance program goals. The specific area where the high performing group had the largest gap was "deleting data with no value". We have talked about ROT data in the past, and it's clear here it is a major factor. In fact, the high performers were nearly three times more likely to actively measure ROT data.

The report also identified the top five tools and tactics related to an organization's information governance program effectiveness.

Top 5 IG Tools:

  • Tools to discover violations of data use policies
  • File classification and analysis solutions
  • File archiving
  • Information governance platform
  • Email deduplication to reduce the volume of archived data

Top 5 IG Tactics:

  • Assign a risk score to each piece of information stored
  • Conduct file-type assessments to prevent build-up of non-mission critical files
  • Identify and remediate orphan information (e.g., data owner has left company)
  • Training employees on policies and procedures for storage and data archiving
  • Measuring cost per byte for data archived and/or stored

Finally, three recommendations for an effective information governance program were offered:

  1. Conduct a policy deployment audit: Determine if your policies are being enforced.
  2. Empower decision-making: Establish a data valuation framework that empowers decision-making. High performers control data growth by understanding the value of their data.
  3. Mitigate risk: Engage your cross-functional stakeholders in a risk prioritization exercise. This will ensure the alignment of all priorities and the ability to execute against them.

I would wholeheartedly agree with these recommendations, specifically around engaging cross-functional stakeholders. As mentioned, involving all departments including IT is a critical step in a truly effective information governance program. To take a look at the current state of your organization's information governance, click below to download our IG Assessment Guide.

Receive News Updates As Soon As They Happen