Abstract
Effective business management within organizations depends, among other factors, on the availability and proper management of appropriate resources. Information resources are one of those resources. This chapter offers practical answers to the many questions that information professionals in an institution may have about how to ensure performing secure and rational management for corporate informational assets. After a brief presentation and discussion of main concepts, it defines and describes the information governance policy, which is the key tool of an advanced information governance approach. It specifies how and when a maturity model should help to develop and update a corporate information governance policy. In addition, it presents the main practical guidelines including specific recommendations on the structure, content, and format of an information governance policy. A discussion of the development and implementation process is then proposed.
TopIG Nature
One working definition of information governance (IG) sees it as a
senior-level administrative structure that establishes roles and responsibilities, decision-making processes, policies and procedures that promote effective decisions that align with business outcomes. (…) In some organizations, information governance seeks to integrate and coordinate a range of relative activities, such as data management, knowledge management, and records management. Sometimes referred to as information technology and communications governance (InterPARES, 2018a).
Considering this definition, an IG domain will fall within large perimeter that is likely situated at strategic and decisional corporate levels. It offers a strong connection between corporate governance and the strategic management of information resources in a given institution.
IG Relevancy
Many reasons exist for organizations to develop such an IG approach. They divide into three categories: short term, mid-term, and long term.
Among the short-term reasons that would lead an organization to adopt an information governance policy are that such a policy:
- •
Formalizes the rules and organizational conventions defining the informational behaviours required for the good conduct of business carried out by the organization's units;
- •
Recalls the rights and obligations with which the various organizational actors must comply;
- •
Provides support to conduct high-performance organizational activities and processes while optimizing the use of human, logistical, and financial resources necessary to access and exploit the information on which these same organizational activities and processes are based;
- •
Aligns information-management policies with the requirements of the organization’s governance policy.
From a mid-term perspective, an IG approach helps to:
- •
Guard against legal and technological risks related to information, as well as various other threats resulting from human error;
- •
Bring together the various information management (IM) sectors of an organization, such as information technology (IT) and records management (RM), around the same objectives;
- •
Identify the organization's information assets;
- •
Control the quality of information and the mechanisms protecting it; and
- •
Harmonise the definition of terms and standardise the practice of information resource management
Finally, among the long-term reasons that would lead an organization to adopt an information governance policy are to:
- •
Increase the visibility of information professionals (e.g., archivists, competitive intelligence specialists, record managers, content managers, knowledge managers);
- •
Enable these professionals to participate more easily in decision-making; and
- •
Enhance the organization's information assets through appropriate means and methods.
Key Terms in this Chapter
Information Governance Policy: A master document drawn up in accordance with the corporate governance policy, based on a collective consultation involving several corporate stakeholders, in which the objectives, rules, processes, and mechanisms necessary to optimize the efficient management of the entire corporate information assets are formalized.
Informational Risks: Any uses or actions carried out in the context of information management that occur in an unforeseen or unauthorized manner and have a direct or indirect impact, positive or negative, on the performance of institutional functions.
Information Governance Principles: Concepts, considerations, and rules of conduct for achieving effective information governance.
Policy: A document setting out the guidelines for the various legal, regulatory, normative, and ethical requirements of an area of activity, and identifying the main actors involved in the implementation of governance.