It’s easy to lose sight of why businesses need information governance frameworks, says Mervyn Mooi, director at Knowledge Integration Dynamics (KID).
The discussion can quickly become embroiled in details about technology, repositories, silos, quality, master data and other facets but lose perspective on the perceived and tangible business benefits and impetus of compliance.
Data and information generated and used for operational purposes alone is short-sighted. No business seeks to only collect and store data and information. There must be a purpose to its existence, one that aligns with the organisation’s goals, objectives and vision.
In the context of information governance the goal is to ensure that regulations and rules governing collecting, storing, using and destroying of data are adhered to.
This cannot be accomplished without maintaining control over the environment, knowing who accesses what data and information, how they access it, whether or not it is secure, which standards are applicable, where the data and information are to be found and in what form.
While governance or control processes can be wrapped around almost any data and information resource to make sure that they are properly tracked, managed and reported on, it requires an investment to implement. Investing in an inefficient environment where there is no framework or business intent or directive increases costs and erodes benefit much to everyone’s detriment.
The information governance framework consequently incorporates policies, principles, standards and guidelines for information lifecycle management (ILM), data management lifecycle (DMLC), enterprise information management (EIM) and information and data management, the latter which includes enterprise information architecture (EIA), master data management (MDM), data quality management (DQM), records and content management, metadata management, information security and privacy management, data warehousing and business intelligence (BI) and information and data integration. It also includes storage and process optimisation and e-discovery.
Why include all of these disciplines? Information governance touches on all aspects of technology and processes in the EIM framework that create, store, process, consume, migrate, dispose and recover data and information.
Information governance helps organisations achieve the following business objectives:
* Provision of control and accountability in the organisation’s processes, practices, and operations;
* Improvement of information across business units to reduce risk and highlight cross-selling opportunities;
* Improvement of operational efficiency in compliance and IT;
* Reduction of the size and cost of IT infrastructure; and
* Rationalisation of resources with regard to data and information integration across functional units.
It focuses on economy of resources for creating an efficient environment in which work can be carried out, streamlining the organisation’s processes and ensuring flexibility, responsiveness and adaptability.
More immediate concerns for organisations, though, are compliance requirements. Organisations need to improve their understanding and implementation of compliance obligations as they relates to and impact company data and information. They need the flexibility to adapt faster, more effectively and at lower cost to new or changed regulations.
They need to automate and improve accuracy of data and information classification. They must enhance the ability to view enterprise-wide risk and reduce the risks of non-compliance.
While IT efficiency is not always a primary business benefit – not always but often – operational efficiency certainly is, because it results in so many wins for the business.
IT and operational wins include:
* Significant reduction in cost of information classification and records management;
* Important process savings in data management, archiving, backup and recovery;
* Smaller, lower-cost infrastructure as a result of smaller data volumes to archive, back up and recover;
* Balancing of cost of data storage and management against the changing value of the data (from both business and regulatory aspects);
* Automation to help reduce staffing requirements and free up precious skilled technical personnel; and
* Improved information classification to help ensure higher quality data for improved decision-support.
Most businesses have some degree of in-house expertise, which is crucial to taking ownership of the information governance programme, yet most will need assistance in some or all areas of such a programmes. The information governance framework is arguably the most essential aspect of the entire programme.
Don’t be fooled by snake oil salespeople – this is an extremely complex undertaking for the majority of businesses due to the complexity but also the scale of their systems. Most South African businesses deal with the challenge of simply maintaining their operational systems and don’t have the expertise or skills fat to assume the burden of this responsibility. Off-shoring this type of operation has also not proved to be the most successful course of action for many organisations because South Africa, while it subscribes to international standards and best practice, fosters an abundance of local conditions and regulations unique to our geography. The skills to successfully deliver this type of programme do reside in the country, albeit in slight numbers.