Information Governance Today: What is Working and What is Missing
Last Updated Tuesday, November 28, 2017
There is so much opportunity to improve — this is the number one take away from AIIM’s latest Industry Pulse survey, Governance and Compliance 2017: A Real World View. Even though there are many international, regional, local and industry regulations that must be addressed as a part of transacting business and reports of data loss and security breaches are at an all time high, almost half of the organizations surveyed rate their information governance (IG) policies as poor or worse.
I’ve pulled out a few key findings from this report to get you thinking about how your business is positioned and where you fit among your peers.
Perceptions of Information Governance
Only three percent of companies rate the maturity of their IG policies as outstanding, and 48 percent rate them as poor or extremely poor.
Ten percent of companies report a data loss or exposure in the last 12 months due to staff negligence or bad practice. Nearly a quarter reported they did not know if their organization had suffered a data loss or breach in the past 12 months.
Information Governance Policies
Only 17 percent of businesses have an IG committee with representatives from across business departments and the three biggest issues with creating an IG policy were identified as: getting anybody to be interested (38 percent), getting endorsement by senior management (35 percent), and having the right people involved (31 percent.)
When asked about deletion, 27 percent of respondents report that most things are actually never deleted and 17 percent cite having a manual process at the end of a retention period — which of course means it is labor intensive and time consuming, leading to additional costs.
Twenty-four percent of organizations are planning to automate the declaration and classification of record and information, while twenty percent are just getting started.
Forty-four percent of respondents have either adopted a Cloud/SaaS system for their business records or are actively planning to.
Legal Hold and ediscovery
Time-consuming and costly approaches to ediscovery remain prevalent — 28 percent of respondents use manual searches across their file-shares, email and physical records, 17 percent cite in-system (siloed) searches, and 13 percent conduct manual searches based on a subject matter expert.
Opinions and Spend
Over 60 percent of organizations believe that automation is the key to future governance success and the only way to keep up with increasing volumes of information.
“Information security is a priority but information governance as a unifying disciple is not well understood,” said one anonymous respondent.
Looking at this AIIM report as a jumping off point, the overall IG framework at your organization could include:
- Compliance with regulatory statutes
- Management of all electronically stored information for access, privacy, security, compliance and ediscovery
- Data security
- Data migration
- Employee training/defining staff responsibility
- Supporting or defending litigation or disputes
- Reducing storage space/defensible deletion
- Securing intellectual property
- Ability to respond to requests (i.e. Freedom of Information, etc.)
- Creating searchable knowledge for future reference
- Mobile security
Tackling all of these issues has been chaotic and inconsistent for most organizations, and it’s clear there is a long way to go.
To read the full AIIM report — including their recommendations for creating a plan to move forward — download a complimentary copy.