The Difference Between Information Governance and Information Management

| February 21 2017

You may have heard the terms “information governance” and “information management” used interchangeably but they’re really two different ways of handling information within your organization. At the core, Information governance is proactive, while information management is considered reactive.


As you will be well aware, companies are awash with information; its everywhere and more and more is being kept indefinitely. This information is incredibly valuable, but must also be available to the right people at the right time. This is further complicated by the nature of much of the data: while some data sources are “structured”, or easily parsed by basic algorithms for storage and searchability e.g. Databases, but more and more information is “unstructured” e.g. sharepoint and the web, which makes it challenging to control. The largest volumes of unstructured data come from email and social media, indeed social media is currently expected to double in volume within the next 4 years. Other communication tools and management systems, such as Slack, are also unstructured data and, thus, more difficult to manage.  

What is Information Management?

Interested in Information Management? Learn about the SEC's expectations for web archiving and information management here

Information management is how the information is managed throughout its lifecycle (capture, manage, store, classify, distribute, preserve, and delete). This encompasses responding to information requests, managing archiving policies, and deleting older data as dictated by information-governance policies.

Important aspects of information management are automated data capture to meet compliance regulations and being prepared to respond to audits in a timely manner with all relevant data. Information management is the evaluation of what information is important and what is not important relative to the organization’s objectives.

Enjoying what you're reading?

Information management is the lifecycle of information—the acquisition of information from various sources, the custodianship of that information, the distribution of that information, and the disposition of the information through deletion or archiving as dictated by the organization’s information governance policies.

What is Information Governance?

Information governance is an organization’s technologies, policies, processes, and strategies employed to optimize information in order to meet its business needs, as well as legal and industry regulations, while minimizing risks. It is the controlling of information, including creation, valuation, use, storage, and deletion of data. Information governance empowers an organization to efficiently achieve its objectives.

An organization’s information governance is the backbone of its strategy for information management. It translates into effective cost savings because it minimizes risks by implementing structure and rules to accomplish the goals of the organization’s information management initiative. The base foundation for building a legally defensible information management program is information governance.

Implementing and maintaining the organization’s information governance policies and procedures can involve several groups or stakeholders, typically:

  • Legal and Litigation/Regulatory Response
  • Compliance
  • IT
  • Operations including HR and Finance
  • Records Management

Assembling a cross-functional group comprising members from each of these teams allows them to understand the value of the data from each team’s perspective and how it impacts the other teams, during the lifecycle of the information. This is essential in formulating the organization’s information-governance policies and protocols regarding retention of all relevant data without having to save everything. Today, new data types like Slack present a challenge to legal, compliance, information governance. 


The legal team focuses on information that is required and needs to be maintained for specific business purposes. It is also concerned with when data have reached the end of their useful retention and need to be deleted. This is beneficial in responding to discovery requests in an efficient and economical manner without the time-consuming gathering and analyzing of immaterial data.

The compliance team, or compliance officer, has the responsibility of ensuring that the organization adheres to regulatory requirements on a daily basis.

The IT team must implement and manage the processes and strategies required to manage the data.

The operations team is interested in ensuring that the data retained are useful and have business value, which this team utilizes to track trends and gain invaluable insights. Data that are irrelevant, obsolete, and redundant should be deleted so that the data can be gathered and analyzed efficiently without wasting valuable time and resources.

The Information Umbrella

Some organizations believe information governance is an arduous and unnecessary component of their business strategy. They have the misconception that their information management protocol is sufficient to address the controlling of information and its value as it relates to business policies and processes.


However, information governance provides structure to the strategy of information management. It is a more efficient and cost-effective approach to managing information while mitigating risks than having only information-management policies and practices in place. Ideally, information management should fall under the umbrella of information governance.


Often used interchangeably but actually frequently meaning different things. Practitioners will understand Information management is how the information is managed throughout its lifecycle (capture, manage, store, classify, distribute, preserve, and delete). Taking a corporation on an Information Governance journey will require leveraging technologies, policies, processes, and strategies employed to optimize information in order to meet business needs, legal, regulatory requirements, while continuing to minimizing risk.

Talk with us about your information governance and management requirements



Related posts

How I Learned to Stop Worrying and Love Slack: A Conversion Story

How I Learned to Stop...

When I first came across the collaboration platform Slack at my former company, I was, to put it mildly, not a fan. But ...

Read More >
Using Slack and Other Collaboration Platforms in Internal Investigations: Webinar Recap

Using Slack and Other...

At Hanzo, we’ve been talking about Slack and other collaborative communication platforms for the last few years. These ...

Read More >
7 Reasons Your Legal Department Wants You to Upgrade to Slack Enterprise Grid

7 Reasons Your Legal...

The global coronavirus pandemic has required that companies—practically overnight—restructure their offices to achieve ...

Read More >