Despite years of effort and substantial investments in technology and training, most companies still have relatively immature practices for governing the structured data stored in corporate databases and data warehouses, according to industry analysts. But when you consider the burgeoning data stores of unstructured content throughout the typical enterprise – containing everything from emails to documents to files stored in SharePoint collaborative workspaces – the discipline of information governance isn’t just immature. It can be downright chaotic.
“When it comes to broader information, particularly unstructured data – in the real world, we’re talking about mountains of stuff in shared drives, on hard disks, on floppy disks, even in paper [files]. It’s just a complete mess,” said Alan Pelz-Sharpe, a principal analyst at Real Story Group, an Olney, Md.-based consulting firm that focuses on content management technologies. “There’s a need to bring some sort of order to the chaos, but the kind of governance practices and structures that work for data warehouses simply don’t work outside of that paradigm.”
Pelz-Sharpe noted that while data governance programs focused on structured data often include automated controls driven by applications, there is no such correlation for information governance efforts, which typically depend on business users to ensure that unstructured data meets corporate guidelines for validity and accessibility by others.
Many companies embark on information governance initiatives to mitigate regulatory compliance risks. Another key driver that gets less attention is information governance as a means of leveraging unstructured data as a core business asset. To successfully achieve the latter goal, however, organizations need a clear picture of the business outcome they’re trying to achieve, Pelz-Sharpe and other consultants said. That definition, they added, should be the starting point for building a successful information governance strategy and program.
“There is no automatic declaration you can make that managing information better is good for the enterprise,” said Anne Lapkin, vice president of research for information management at Gartner Inc. “If you don’t have a clear vision, you don’t know what you’re going to do, you don’t know what information to concentrate on, you don’t know what you’re looking for in information. You actually don’t know anything.”
And that’s only the beginning. Once the vision and business case for information governance are defined and understood, the heavy lifting starts. Consultants suggested following these basic information governance best practices to ensure that a governance program not only gets off the ground but has staying power:
Set clear governance roles and responsibilities. As part of the foundational steps of formalizing an information governance program, document how different people within an organization will interact with content and set their governance responsibilities accordingly. For example, Forrester Research Inc. analyst Alan Weintraub said that business managers might be designated as “content owners” – the onus is on them to guarantee the integrity and business value of unstructured information. Meanwhile, other employees would be responsible for creating, reviewing or approving documents and other specific pieces of content. All of those responsibilities need to be clearly spelled out and communicated to business users, Weintraub said.
Create policies and procedures to support the program. Along with establishing well-defined roles, organizations need to put specific guidelines in place that help users do their part in maintaining proper information governance practices. Procedures covering how to approve content, change content taxonomies and add new content types are just a hint of what should be covered during this stage of a governance program. Creating a records retention schedule and some sort of hierarchical classification that helps categorize and prioritize unstructured information, including how long it should be kept in systems, is another key step. “It’s assumed that just by having policies, an organization knows what makes something an important information asset,” said Barry Murphy, an information governance consultant and co-founder of the online publication eDiscovery Journal. But typically, that isn’t the case, he added.
Appoint the proper leadership. A successful information governance program needs a proper leader – and we’re not talking about a mere figurehead, but an executive at a high-enough level who has real authority to make decisions, not just facilitate discussions. Some consultants think the ideal candidate is the chief information officer or another C-level executive. But in any case, most said that information governance isn’t a grass-roots endeavor – it needs to be a top-down directive with hands-on executive support. An information governance council with representatives from across an organization can also help in setting and enforcing governance policies, they noted.
Establish clear metrics and communicate the value of good governance. This goes back to the old saying that you can’t manage unless you measure. The same holds true with information governance management, according to Gartner analyst Ted Friedman. “Organizations have to develop data quality metrics and scorecards, and they have to have a repeatable approach for measuring the degree to which data conforms to their policies,” he explained. “And they need to make the results visible to people so they can take action.” For example, if individual users aren’t complying with information governance rules, that should be detected and communicated to them so they can be sure that they do follow proper protocols.
Make information governance a continuous process. Like so many IT initiatives, particularly those involving data management, information governance is not a one-time deal. Companies have to put a framework in place to ensure that their programs are continually monitored and that approved information governance best practices are updated as needed. “It has to be continuous, and you have to train users on it,” Murphy said. “You don’t put something out on your intranet and say, ‘Here are the policies around information governance.’ ”
ABOUT THE AUTHOR
Beth Stackpole is a freelance writer who has been covering the intersection of technology and business for 25-plus years for a variety of trade and business publications and websites.