The distinction between information governance (IG) and records and information management (RIM) represents a key element of corporate information management today and is one of the greatest challenges facing many companies. When a company wants to overhaul how it manages information, figuring out the balance between IG and RIM is often the first stumbling block. It starts with a profound misunderstanding of the place and purpose of IG and RIM and their relationship. It really boils down to a question of strategy vs. tactics.
First, to clarify, IG is not RIM. They are two separate tiers of scale. Nor is RIM the only thing that falls under IG. According to David Fleming in a 2013 talk for ARMA, IG is:
“A strategic framework composed of standards, processes, roles, and metrics that hold organizations and individuals accountable to create, organize, secure, maintain, use, and dispose of information in ways that align with and contribute to the organization’s goals.”
Compared to the ARMA definition of RIM:
“RIM is the systematic management of records and information through its various life cycles. It includes the analysis, design, implementation and management of manual and automated systems regardless of format or medium.”
As we can see, the difference in scale means that IG comprises the strategic element of planning, whereas RIM represents the tactical aspect of actually implementing a plan. IG refers to the company as a whole, to the mission of an organization, broad and encompassing language meant to present a unified front. RIM speaks to the practical element of the trench work and individual manual labor and automated systems that manage records and information.
A company may see IG and think of an overall strategy, adhering to laws on information handling and dedicating time and resources to ensure these goals are met, but this may be at the expense of efficient RIM. On the other hand, a company focusing solely on RIM and day-to-day tactics, the efforts taken to effectively manage data, software implementation and security, may fail to see the bigger picture. The key is to have both, something easier said than done.
Information Governance, by its very nature, requires the entire company to be behind it in order to be effective. IG is not a policy, a single rule or set of guidelines, but a comprehensive strategy built from the ground up to support the company’s mission, business and compliance goals. Implementing an IG strategy is a company-wide endeavor that affects the entire chain, from the IT department all the way up to the C-suite. An example of this can be seen here, in the Buckinghamshire IG proposal report. Note the number of committees and the subsequent chain of accountability.
Organizing a coherent, effective IG strategy suffers from all the pitfalls any company-wide change might encounter, perhaps even more so as all departments need to voice their concerns and suggestions. This means that apart from dealing with the bureaucracy of corporate politics, individual branches within a company need to be managed. Executives might not feel the return-on-investment for IG is worth it, or a single department might hold too much sway. A common example that we see is when IT and Legal departments are unable to understand the other’s needs. The key to establishing an effective IG strategy is through a collaborative approach. Communication is key to building support and social acceptance.
RIM, on the other hand, has undergone an evolution in recent years. In the same talk by Fleming, he notes that there has been a crisis in management where the actual function of RIM has been subsumed by buzzwords and that doomsayers have even announced the end of RIM. RIM is far from dead, however, and it is not being challenged by the growth of IG. It has evolved to reflect the modern needs of companies and has become an integral part of an overall IG program.
Records information management, unlike IG, can be decentralized. A single department’s RIM responsibilities might differ dramatically from those of another, and are then dependent on the company’s overarching IG framework. RIM is built on software implementation, securing records and implementation of policy and retention. This decentralized nature can make it easier for individual departments to assess a situation and develop a solution. Traditionally they don’t have to worry about the overarching strategic objectives, all they have to worry about is managing their responsibilities. Get the records, do what needs to be done, let the committees sort out the strategy.
This works until the realities of business start to be felt. The decentralized nature of RIM requires departments to compete with one another – for budget, for time, for any resources available – often at the expense of one another. When one department doesn’t get what it needs, the entire IG plan suffers. This is why understanding the distinction between RIM and IG is so important. They should support one another through a balanced approach.
Striking a proper balance between an effective IG framework and RIM tactics is not an easy task and there is no magic bullet to solve a company’s information challenges. Part of our mission at Sherpa Software is to help companies meet their IG and RIM goals, but we can only achieve that if a company fully understands their own needs. Combining traditional RIM tactics with an overall IG strategy is the future of how companies will manage their information. They will only be effective if they fist understand the real difference between RIM and IG, strike the right balance and have the best tools for the job.