Jonathan would like to thank Craig Bliss and Marc Sterman, senior principals at Knightsbridge Solutions, and Dr. Ken Krigelman for their contributions to this month's column.Managing information as an asset is essential to guiding the organization and positioning it for success. As an organization's business processes and information systems evolve and expand, effectively managing information as an organizational asset is challenging, if not impossible, without a structure for governing information. Also, legislation such as the Health Insurance Portability and Accountability Act (HIPAA), which requires the safeguarding and protection of patient information, or the Sarbanes-Oxley Act, which requires the disclosure of financial and accounting information, can be a compliance nightmare for those organizations that do not manage their information. As we know, information can be easily created, captured, accessed or disseminated with the technologies that are available. However, technology alone does not ensure that information is safeguarded and used efficiently or effectively; processes and people are also needed.
Information governance is a business function with a set of policies, procedures, processes and administration of the data and information within an organization. Well-governed information assets ensure the organization's data is available, accurate, auditable, explainable and safeguarded. The challenge common to most organizations is having the discipline to enact an information governance program when they don't understand it or they don't know how to begin.
Figure 1: Effective Structure for Governing Information
Creating a structure for governing information starts with executive-level sponsorship and support. A top-down approach is recommended because executive-level involvement is needed to ensure appropriate support and guidance for the program. An information governance program with anything less than this level of support should not be undertaken because the chance of success or of creating any lasting value for the organization is highly unlikely. One example of an effective structure for governing information consists of three levels: a governance committee, a governance office and tactical teams.
The highest level within this structure is the governance committee, which is comprised of executives, ideally C-level, representing business and technology leadership. The governance committee is responsible for establishing the charter, goals and objectives for the organization's information governance program. Because individual members of this committee are extremely busy with many responsibilities, their primary focus is creating policy and setting the program direction. In addition, they are tasked with defining priorities, evaluating progress of the program, rendering decisions about information issues, authorizing projects, and understanding costs and benefits. Members of this governance committee must be willing to establish policies for the common good of the organization and to be champions of organizational change.
The enactment of policies and the program is delegated to the next level within the information governance structure: the governance office. This group reports directly to the governance committee and is comprised of the program management office and individuals at the director or manager level who represent business and technology leadership. These individuals comprise the operations group responsible for administering the information governance program and for aligning policies with tactical initiatives. They are also responsible for setting standards and defining processes and procedures for information governance. Members of this office should be extremely knowledgeable about the business and applicable legislation, and should be well respected by their colleagues.
At the next level, the tactical teams are charged with implementing the standards, processes and procedures as defined by the governance office. These teams are made up of individuals who represent business, technology and internal auditing. The number of tactical teams is dependent upon the number of initiatives approved by the governance office. They are responsible for carrying out the tactical initiatives of the governance office and for measuring and reporting on their progress. Initiatives that tactical teams undertake include customer data integration, master data management, data quality, data protection or data certification. Members of these teams work with other project teams, such as the business intelligence development team, to address security or sourcing of data.
The benefits of information governance and the consequences for not appropriately administering information cannot be ignored. Information governance enables:
- Increased information efficiencies by enforcing consistent data definitions and standards that are applied throughout business processes, information systems and information usage;
- Increased organizational efficiency by eliminating or minimizing redundant efforts and manual processes to locate, define, cleanse, prepare and transform data into information;
- Compliance with applicable legislation that encompasses the administration of information;
- Organizational transformation by enlightening individuals about the activities, events and assets of the organization;
- Alignment of strategic goals and objectives with tactical initiatives by monitoring activities and performance; and
- Accelerated achievement of organizational vision by elevating the effectiveness of programs and tactical initiatives in a timely manner.
A structure for governing information addresses the people and process elements that are critical to ensuring that information is safeguarded and used efficiently and effectively. Creating a structure is a good starting point for organizations that have not yet established the policies, procedures, processes and administration. And more importantly, a structure is essential to starting and governing one of your organization's most valuable assets.
Jonathan Wu is a senior principal with Knightsbridge Solutions. He may be reached at email@example.com.
This article originally appeared in DM Review.
Register or login for access to this item and much more
All Information Management content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access