What is Information Governance and How is it Implemented? 

By Nick Inglis

In my book Advancing from eDiscovery to preDiscovery, I provide a deep dive into the current state, process evaluation, and future state of Information Governance and eDiscovery, as well as how these two disciplines can be aligned. 

In this first in a three-part blog series about the book, I will summarize the first section, focusing specifically on what Information Governance is and different ways of implementing it across an enterprise.

To start off at a high level, Information Governance is the umbrella discipline that situates itself above all other information-related disciplines and aligns their efforts. But in this situating above other fields, some organizations have struggled at their Information Governance programs as it was challenging to situate a new domain with less maturity above multiple disciplines with solid maturity.

Hence the need for a more detailed description of the discipline and why it’s needed.

How is Information Governance defined across industries

In 2010, Gartner analyst, Debra Logan, defined the term Information Governance. Since then, the term “Information Governance” and the newly formed underlying discipline have expanded rapidly.

From Gartner, “Information governance is the specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards, and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.”

While I appreciate Logan’s definition, I prefer the definition that I created, which now serves as the definition at ARMA International, “Information governance is the overarching and coordinating strategy for all organizational information. It establishes the authorities, supports, processes, capabilities, structures, and infrastructure to enable information to be a useful asset and reduced liability to an organization, based on that organization’s specific business requirements and risk tolerance.”

Where Information Governance can be implemented

While these industry definitions may help slightly with implementation across an organization, it’s how various Information Governance models can be used that really showcases what it is and what it can do.

It’s really an umbrella discipline that draws together the guidance of various information-related sub-disciplines that had previously been highly siloed and harmonizes them. Information Governance provides a single organizational approach across ALL corporate information (including data).

In Information Governance, you draw together the various information policies and practices that exist across your organization – harmonize the guidance while ensuring all policy is in alignment with organizational goals – and then drive information efficiencies forward (in conjunction with and in support of the various information sub-disciplines).

Guidance flows from Information Governance to the various strategic sub-disciplines (Content Strategy, Data Governance, Document Strategy, Knowledge Strategy, and Records Governance [or any combination within your organization]). The guidance then flows in one of two ways for the tactical disciplines (Content Management, Data Management, Document Management, Knowledge Management, and Records Management [or any combination that exists within your organization]

In addition to the disciplines that are frequently within the reporting structures, some disciplines can find support from Information Governance that don’t usually have a direct reporting structure to Information Governance. Those disciplines are:

  • Audit / Compliance  
  • Information Technology (IT)  
  • Legal & eDiscovery  
  • Privacy 
  • Security 

Different models for Information Governance

As you can see from this high-level breakdown of how Information Governance should be structured can help, the discipline should not be just a centralized point for supporting one-time projects (e.g., a privacy audit in support of the Privacy team).

Many models exist for Information Governance exist, but l look at three models in my book:

The EDRM’s Information Governance Reference Model (IGRM)

ARMA International’s Information Governance Implementation Model (ARMA IGIM) Model for Information Governance (MIG)

While you can explore these sites at length or read the booth to see my commentary on each, the below chart depicts some of differences in the underlying focus viewpoints for each.

Beginning an implementation of Information Governance

The first step in Information Governance is to align your program to your organization strategically. When you’re aligning your IG program, you look above and below the IG program for existing guidance regarding information. That guidance from above includes your organization’s Corporate Governance.

Next, Information Governance professionals often run a series of one-time projects, usually targeted at specific organizational challenges, sometimes in support of a sub-discipline’s challenge. There are myriad types of projects and automation that your organization can undertake – the Information Governance team should be driving the prioritization of projects across sub-disciplines to avoid anyone discipline driving their projects forward at the expense of other fields (where the prevailing prioritization should be that of the organization’s priorities).

Lastly, as programs mature, you start to see more activity in the third area, where you’re applying a layer of automation to your IG program. There are many areas where automation can be applied (and from an IPRO perspective, we’re adding new automation capabilities regularly and constantly having discussions with companies about their application of automation and future desires for automation).

What’s next for Information Governance

In the longer term, Information Governance is likely to continue its expansion and importance in organizations of all types. A longer-term vision, though, can get cloudy, especially in a discipline that has been rapidly expanding, has many layers of stakeholders with competing interests, and is likely to benefit from future legislation whose drafts haven’t yet seen the light of day.

The area of greatest collaborative growth right now is with eDiscovery. eDiscovery professionals are looking upstream towards the processes and disciplines that touch on information improvement to drive better downstream results in eDiscovery. As they look upstream they are finding a new burgeoning profession of Information Governance.

Stay tuned for part 2 of this series where I will summarize the third section of my book, focusing specifically on the current state, future state, and process models of eDiscovery.