I often hear clients make statements much like this one: “We already manage the documents in our environment, so we don’t need to worry about information governance (IG), right?” It’s easy to either confuse these two types of programs or, in some cases, believe they are synonymous. For those new to the topics of governance, risk and compliance, it’s hard to keep new terminology straight. Many clients believe that a sound records management program implies information governance, but let me assure you that this is not the case.
If you take one thing away from this article, it should be this:
- Information governance programs are high–level, strategic initiatives which designate accountability for the management of electronic information throughout all areas of the organization.
- Records management programs are much more operational in scope, and are often a mechanism for achieving some of the goals defined during the IG planning.
With these basic definitions in mind, it is a bit clearer to see that information governance is a much broader initiative which typically includes records management practices. IG programs are the driving force behind identifying both what electronic content is going to be managed throughout the organization and how that management will take place. As such, they are a critical first step in ensuring an organization’s business goals match up to their compliance requirements. This assessment moves beyond managing records in scope to include areas such as: regulatory requirements, risk assessments, eDiscovery planning and key performance analytics. While IG programs at this level tend to be significant projects to undertake, they can yield substantial benefits including;
- Improved record-keeping to comply with regulatory audits
- Effective knowledge-sharing across the organization
- Increased shareholder value
- Better control of social media, for positive benefit
- More personalized and accurate service to customers
Clearly, these are all strategic goals that your organization is striving to accomplish. As part of the tactical implementation of these goals, records management often plays a role that may involve:
- Identifying how electronic information will need captured
- Building, approving and enforcing records retention policies
- Determining the plan of where records will be stored (both for the short- and long-term)
- Classifying and storing records
- Designating access control of the records (both internally and outside of the organization) to ensure business confidentiality, data privacy and public access
- Applying a defensible deletion process for records that are no longer needed (as defined by your IG policies)
Information governance and records management projects are quite different, but they can work together to greatly improve the management of critical information assets within your organization. For additional information on information governance or Sherpa Software’s solutions that will help you achieve policy-driven information governance, visit this link.