Information governance (IG) is an issue not only for IT departments but also for those handling the overall company data, both from a security and management perspective. This ultimately means the CIO’s office.
CIOs often need to prioritize data security in many aspects of their day-to-day responsibilities, especially as data breaches become more sophisticated and as having that data on hand becomes more important. They must add proper data security and management procedures and resources into their budgets, because these affect a critical business asset. They also need to shape the policies associated with data management before a breach ever happens. That means being proactive in respect to breaches, compliance issues, and cognizance of sensitive/offensive content that arises in the course of business. Aside from traditional unstructured and structured sources, CIOs must consider modern web media, including social and collaborative systems; these are in use within your organization often as “shadow IT” or poorly regulated business systems (e.g. instant messenger services with no retention policies enforced or, equally as bad, auto-deletion being enabled).
Given these responsibilities, here’s what CIOs need to know about IG:
1. Poor data quality costs big money.
Gartner, Inc. estimates poor quality of data is costing an average organization $13.5 million per year. This is compounded by the worsening of ongoing data governance problems, which affects all companies. This is a deep concern for CEOs: About 84 percent of them are worried about the data quality they’re basing their decisions on, per the Forbes Insights and KPMG “2016 Global CEO Outlook.” CIOs should be just as concerned about these numbers, because their chief concern is protecting their organization’s data. If they don’t understand the scope of that data, they can’t make wise business decisions.
2. Poor IG could mean losing money.
If CIOs can’t review, analyze, and make decisions based on the company’s data, this could put the entire organization at risk. An eDiscovery request within the scope of litigation can surprise CIOs and their staff, leaving them scrambling to find the requested data. Not only that, but the data must be put in a format requested by opposing counsel, and if it hasn’t already been archived in the scope of preventative archiving, then it will potentially take more time and money to make that happen. Hanzo recommends that this data is collected from web, social, and collaborative sources proactively, as it may not be there when you go back three years later.
3. Valuing data is power.
Just like knowledge is power, valuing your data at a level where you understand its implications for company-wide decisions is critical. It can mean the difference between losing money from redoing an eDiscovery or compliance request to doing it right the first time, in the right format, and in the right time frame.
The benefits of proper IG programs are enormous. Companies that take the time to organize their structured and unstructured data can then apply the right policies, processes, strategies, and metrics to create a valuable, ordered “golden source of truth.” At this point, intelligent insights can be gleaned for the business, and previous tasks requiring huge amounts of manual work and time are often completed in short order. Changing the perspective of data from headache to critical business asset can also mean all the difference when getting the company to value its data.
How can you start putting an IG program in place?
The first step for CIOs is to voice the importance of creating IG that crosses all departments. All too often, departments are siloed off from each other, not communicating until there’s an emergency. Talking to each other about data is key, because different departments place different values on data. Get the key stakeholders in the same room, understand their needs, and explain how this benefits them.
This direct leadership of bringing together the IT department and other functions of a business (human resources, as an example) on crafting the right policies can put companies on the path to saving money and time on future compliance audits and eDiscovery requests. It will also increase business productivity, efficiency, and overall confidence in the business’s data.
If you’re a CIO who would like to learn more about managing your data in a responsible, responsive form, stay tuned to this blog or send us a message. We’d love to hear from you.