Gimmal Blog

Read the latest thought leadership and industry news from the experts at Gimmal!

All Posts

X Percent for Information Governance

This is a guest post from Peter Sloan, founding member of boutique law firm Information Governance Group, LLC. They help companies across the United States create, validate, and update records retention schedules; establish data security policies and breach response readiness; respond to data breaches; and implement legal hold processes. The orginal post can be found here.

It happens every day.  A company spends a huge amount of money on a new technology system, without fully addressing the information implications.  

Maybe the decision (to move on-premise operations to a cloud SaaS or PaaS, or to retire and replace an enterprise database, or buy a comprehensive new tool suite) was reactive, driven by an impending crisis.  Maybe the decision-making was siloed, with IT not clearly hearing what the rest of the business truly needs (or more likely, the rest of the business not speaking up).  Or maybe IT just responded literally to a business directive of the moment (let’s get into IoT, or Big Data, or Blockchain!).  Regardless, the green light is lit, the dollars are spent … and problems ensue, painfully multiplying the procurement’s all-in cost.

What was missing? Strategic consideration of repercussions for information compliance, risk, and value for the organization as a whole, including privacy, data security, retention/destruction, litigation discovery, intellectual property, and so forth.  In other words, Information Governance.  And when was it missing?  Before the decision was made and the dollars were spent.

So, what if something could be hard-wired into the procurement process, a trigger that timely prompted decision-makers to call time-out; get focused input from all stakeholders; assess the repercussions for information compliance, risk, and value; and align the procurement requirements and purchase decisions with organizational strategy for governing information?

One Percent for Art

Over half of the states and hundreds of cities and local governmental bodies require that a percentage of expenditures for public improvement projects, usually one percent, be used to install public art.  These “Percent for Art” laws and ordinances have been in place for decades, and they provide reliable funding for public art programs across the country.  The results can sometimes be controversial (arguably the point of art, right?), but the value of public art is well-documented, including demonstrable economic, educational, workforce, health, and civic benefits.  So valuable, in fact, that iconic public art is often commissioned privately, such as Deborah Kass’s OY/YO in Brooklyn, or Anish Kapoor’s Cloud Gate in Chicago’s Millennium Park (pictured above).

Percent for Art requirements are there for a very pragmatic reason – without them, it’s too easy to merely get the job done, the public facility built or renovated, without the art.  It’s simply the nature of things – we get tunnel vision, doing only what’s necessary to get from point A to point B, without pausing to factor in the repercussions.  Percent for Art is the trigger that ensures the big picture will be considered for the project, and the broader public benefits of public art will be secured.

X Percent for Information Governance

So … what if any company decision to procure IT systems, apps, or tools were to hit a similar trigger, a procurement requirement adopted by the company that a percentage of the total IT project be devoted specifically to ensuring Information Governance?  What if the project’s green light would not be lit until an IG assessment was done, surfacing the inevitable repercussions for information value, compliance, cost, and risk, and with dedicated budget/resources allocated from the overall procurement to seriously and strategically address such issues?

Sure, the X percent could be hard dollars for Information Governance consulting services by outside providers.  But all or some could just as easily be allocated to the internal functions responsible for guiding Information Governance within the organization, such as through time/resource allocation rather than hard spend.

And what percentage would X be – ten percent, or five percent, or one percent?  Of course the need will vary depending upon the scope and purpose of the IT procurement.  But complication is not our friend – there’s a virtue in simplicity, and in ensuring that something reliably and timely prompts this strategically necessary effort when IT system decisions are made.  Every.  Single. Time.

And I do know one thing for sure.  Any of these percentages would be more – and would better serve the organization’s vital, strategic interests – than zero percent.

Posted by Peter Sloan

Related Posts

Why Should Records Management be Important to You

Why should an organization care about records management? When users throughout all departments are creating new records without a thought to how they are cataloged or tagged, the sprawl of records can become a real threat. Unstructured data can lead to compliance issues for highly regulated industries. When proper records management isn’t a top priority, content that should have been disposed of for security purposes is left vulnerable for anyone to find and distribute.  

Creating Compliance in Chaos: A Consultant's Story

Records and Information Management (RIM) is constantly changing and evolving as record managers begin to realize the benefits of automation in their daily operations. In my 6 years of consulting, I have seen everything from heavily manual business processes to automated document management solutions.  Even as time goes by, information professionals continue to face the long-standing hardship of trying to get end users to comply with either internal or external regulations when it comes to records management.  Lately, there has been an apparent shift from ridged business centric solutions to end user centric solutions. 

Gimmal at ARMA International InfoCon 2019

Once a year, members in the records management community come together for ARMA’s annual conference to discuss the latest advancements and best practices for modern information managers.  ARMA, the global authority of information management and governance, hosted this year’s conference, ARMA InfoCon, in Nashville, TN. While attendees were not in the typical “record” industry that Nashville is known for, the location called for a great mix of music and information management knowledge.