skip to Main Content
Red Sea Dispatches

Policy Driven Integrated Decisions (Part 3/3)

Scott Adams, known for his office comic strip, Dilbert, published the non-fiction book “The Dilbert Principle” in 1996. At that time, ISO 9000 (Quality Management) was all the rage and Adams was the satirical cat among the office pigeons. ISO 9000 champions well-documented processes and he artfully captures the mid-nineties experience of this:

“If your company is not involved in something called ‘ISO 9000’ you probably have no idea what it is. If your company is involved in ISO 9000 then you definitely have no idea what it is.”

Fast-forward twenty years and I feel a bit like the cat among the information governance pigeons. Information governance is not one thing — it is a process not a product. Moreover, controlling information works one way for a small family business, another way for a business with 1000+ employees, and vastly different for a multinational organization that operates across geographic and legal boundaries. Or in different terms, controlling information will take different forms in a department of defence, law firm, or university accustomed to academic freedom.

I began Part 1 of this series asking, what is information governance? My background in records management led me to ask, how does it differ from information management? I introduced Gartner’s definition of information governance, ARMA’s information governance maturity model, and discussed some values and principles that likely contributed to its development.

Part 2 focused on the “accountability framework” part of Gartner’s definition. I also suggested that the very act of capturing decisions accountably transforms businesses and, taken to the logical extreme, societies.

In this third and final instalment I reach out to veteran information professionals for their views. Before doing so I would be remiss not to say something about the “decision rights” part of Gartner’s definition.

According to Deloitte, decision rights goes beyond the standard approach to governance by cataloguing key decisions that must be made (a decision inventory), identifying who is closest to the relevant information throughout the decision making process, and documenting who is accountable for the decisions (a decision rights model).

This catalog will differ for a small business or university but, at the extreme, it is easy to see how a catalog of decision rights could be critical for aligning decisions across multinational firms. For me, this is helpful context to distinguish information governance from records management because the latter doesn’t really speak to decision rights.

Records management can demonstrate accountability and it can document who owns what record but it does not determine who may be consulted, informed or notified, or who makes the final decision. Those processes derive from executive leadership, corporate bylaws, or both.

Taken in that sense, records management follows; it does not lead.

On that note, let’s hear what others say. I thank the respondents for taking time to share their thoughts with Open Shelf and me. Each has a slightly different take on this topic but I think the combination of perspectives shows the way. Collectively, they have 125+ years cumulative experience dealing with information challenges so I invite you to read between the lines for additional areas of shared understanding.

I asked respondents the following questions:

1. Information governance is an emerging field without universally agreed definitions and understandings. Do you think it represents something new and useful or is it a repackaging of established practices?

2. Do you think that we will see Information Governance departments or sub-departments in the future?

3. Regardless of definitions, what do you think is the key component of a successful Information Governance program?

Responses to the first question varied the most. My sense from them is that information governance is not wholly new but it brings executive levels to the fore. It may be that “decision rights” is the tiebreaker in the debate and, if I were to repeat this survey, I would separate information governance into its component parts and check for understanding on that basis. I suspect that others might feel as I do that information governance is newer in terms of decision rights than well-established accountability frameworks.

Regarding question two, I was informed that that the future is already here and information governance departments exist today; more importantly, discussion of administrative offices extended to Chief Information Officers and the question arose as to whether a CIO’s role is to manage information or technology.

If I had to put money on it, I’d say, “Watch this space” for future development.

The third and final question shows the most agreement over what information governance needs to succeed: executive sponsorship! If your executive leadership is not behind this yet, what hope is there for the information professionals on the ground? As one respondent put it: this cannot be bottom up.

Respondents below are listed alphabetically by last name.

Stephen Howard currently works as an Archives and Records Management Expert in Brussels, Belgium. His previous experience includes senior information management roles at the UK National Air Traffic Service, the Special Tribunal for Lebanon in The Hague, the EU and UN missions in Kosovo, and in UK local government. He is the founder of Archival Strategies, an online records management resource. In 2013 he was awarded the prestigious Fellowship of the Information and Records Management Society (FIRMS).

“Information governance is a useful portmanteau concept but it is not new. For example, I was invited to deliver a presentation on Information Governance in London in 2007. At that time in England the concept of information governance was most fully articulated through the National Health Service’s Information Governance Toolkit, with a focus on the protection of personal and sensitive personal data.

In my presentation then I focused on the need for an information management program to align with organizational strategy, and to be implemented via policy and standards with a clear chain of accountability. I was strongly influenced at that time by British Standard publication “PD 0010 – The principles of good practice for information management.

Last year at the DLM Forum in Lisbon [Making the Information Governance Landscape in Europe] I used a similar core sense of the term information governance when presenting the lessons learned from a SharePoint governance project, and I think that this core meaning has not changed over the years. What is new today is how information governance’s inherently flexible definition has enabled its adoption by a wide variety of professions and disciplines. Lawyers, IT professionals and business leaders now use the vocabulary of information governance to mitigate risks arising from “Big Data” and our emerging interconnectedness in a fragile, insecure, and litigious digital world. In describing the new ‘super-discipline’, the broad span of Robert Smallwood’s ‘Information Governance’ foundation text reads like a scrapbook of memories from my career thus far.

To be successful, an information governance program needs senior management endorsement of the broad information governance vision and vocal support.”

Robin Keirstead is the University Archivist at Western University.  He previously worked at the BC Records Management Branch, the BC Courthouse Library Society, and the Archives of Ontario, and managed archives and records management programs for the Region of Waterloo and the City of Kitchener.  He also served as Acting University Librarian at Western for one year.  He has taught archives and records management courses at the college and university level and in 2006 received the Dean’s Award for Excellence in Part-Time Graduate Teaching from Western’s Faculty of Information and Media Studies.  Active in many professional associations, he served on the Board of Directors of the Canadian Council of Archives for five years.  In 2010 he received the Alexander Fraser Award from the Archives Association of Ontario in recognition of his contributions to the province’s archival community.

“I see Information Governance as a contemporary, unified way of articulating the value of an effective Information Management program to any organization that will (or should) resonate in the boardroom as well as on the shop floor, and also potentially have relevance with the various stakeholders of any organizations.

What may distinguish it from traditional information management may be the way in which it can bring different partners to the table who might, in the more traditional and stratified world of the information professions, not necessarily be working together or indeed talking to each other. And there is also the added benefit of bringing in the overall ‘governance’ aspect that is missing from many, but not all, information management programs.

Rather than creating new Information Governance departments, where there is a Chief Information Officer I think it better to ensure that this role takes on Information Governance as one if its key mandates. If the role of the CIO in a given organization does not include responsibility for ‘traditional’ information management, then it needs to be brought under his/her purview. If the increased focus on Information Governance makes existing CIO roles more comprehensive and/or leads to the creation of new CIO roles then it has been beneficial already. I see this is a way to bring responsibility for information in all its facets together and to maximize the benefit to the organization of any Information Governance initiatives.

To be successful, an information governance program needs a holistic view of the value of effective identification, management and use of information, in all its various components; a recognition of the necessity of having appropriate control and accountability for the information and all associated functions; and a recognition of the importance of and responsibility for good information practices on the part of all levels within an organization, both for compliance and effective business practices.

If all that the discussion of Information Governance creates is greater awareness of and respect for Information Management and its contributions to effective administration and operations then it will have been worth the effort, but I think it can achieve even more by elevating the level of discourse to include the broader context of information accountability, responsibility and compliance.”

Nancy McGovern has been responsible for digital preservation at the Massachusetts Institute of Technology (MIT) Libraries since 2012. Prior to that, she was responsible for digital preservation at the Inter-university Consortium for Political and Social Research (ICPSR) and at Cornell University Library, and served as Electronic Records Manager at the Open Society Archives in Budapest. She directs the Digital Preservation Management (DPM) workshop series that she has presented almost 50 times since its launch at Cornell in 2003, and has served on the faculty of the DigCCurr Professional Institute at UNC Chapel Hill, the Advanced Institute of the Council of State Archives, and the ARL/DLF e-Science Institute. She was elected Vice Preservation/President-Elect of the Society of American Archivists in 2015. She holds a PhD from University College London in digital preservation.

“To me, information governance is a high-level term that is inclusive of the things we do to achieve effective digital curation and its component parts, data curation and digital preservation – there is more to information governance than those components, but those are the ones I focus on. The information part includes the long-term management of content of any kind (especially digital in my case) and the governance part includes effective and compliant record-keeping and the need to address authenticity requirements in digital preservation for example.

Information Governance is informed by, builds on, and leverages lessons learned from established practices. The different terms we use reflect different lenses, perspectives, domains, and insights gained. The term itself is not brand new and it does contain, as most terms do, aspects that are not reflected elsewhere – information governance reflects and emphasizes the need to be intentional, transparent, well-documented, and compliant – though it depends on how you view governance.

It apparently is a human activity to latch onto a next term periodically – especially as new people join a domain or community – in hopes that it will solve a problem and possibly provide an all-inclusive understanding. I think the terms we develop in advancing practices should be viewed as individually valuable as well as cumulatively necessary – inclusive rather than exclusive.

I am increasingly a fan of focusing on necessary functions and roles associated with functions (information governance seems like a function or perspective to me) and of working in teams that are flexible and able to be formed and reformed as new functions and roles are needed. It would be valuable for institutions to understand how they are addressing information governance. I do not see it replacing the need for archives, for instance, though the two have a strong intersection.

To be successful, an information governance program needs a clear scope (what is in and out of scope); cumulative, current, and comprehensive documentation to ensure it; and ongoing, intentional, and reliable transparency that can build and retain trust.”

Mike Ridley is the former Chief Information Officer and Chief Librarian at the University of Guelph and current librarian and lecturer in the first year program. Other roles include University Librarian (Acting) and Associate Librarian for Systems, both at the University of Waterloo, and Head of Systems and Technical Services at the Health Sciences Library, McMaster University. In 2007, the Ontario College and University Library Association (OCULA) named him Academic Librarian of the Year. He has served as President of the Canadian Association for Information Science, as well as the Ontario Library Association. He is the Editor-in-Chief of Open Shelf, the online magazine for the Ontario Library Association.

“I’m very keen on governance (as opposed to management) as a concept. And at the core of governance is ‘decision rights’: who is responsible / accountable for what. The problems arise when the managers want to govern and the governors want to manage. Information governance, IMHO, raises the game about how we steward information (something in the past that was left to whim or a variety of different actors with different objectives.

Information governance is a different perspective; not new in the sense that these issues didn’t exist before (librarians and archivists have always considered them but rarely were they applied across an entire institution). Information governance makes information (at a certain level) the purview of the senior oversight group of the organization (e.g. Board of Directors).

We already see information governance departments starting to emerge from IT Governance units that are springing up in the private and public sector. Most IT Governance units quickly realize that they are in fact governing information not technology. Some flounder in trying to make that transition; others have a CIO that can manage it.

To be successful, an information governance program needs senior leadership (e.g., CIO and other C-level positions) with the support of the governing body (e.g., the Board) and a clear set of principles that drive the program. This cannot be bottom up.”

Ian Wilson is the former Librarian and Archivist of Canada and current Special Advisor at the National Archives in the United Arab Emirates. Other roles include the Executive Director for the Stratford Institute for Digital Media, Provincial Archivist of Ontario, and Provincial Archivist of Saskatchewan. In 2002 he received the Order of Canada and has been named as a Senior Distinguished Research Fellow by the Munk School of Global Affairs, University of Toronto. He is the former president of the International Council on Archives (ICA) as well as the Champlain Society and the Ontario Historical Society. HE is currently the special adviser to the National Archives of the United Arab Emirates.  He holds honorary doctorates from York University, Queen’s University, and the University of Saskatchewan.

“The concept of ‘information governance’ appeals to me but I would urge that we raise it to the level above “information management”. Information Governance must concern itself with the coherent body of laws, regulations and professional practices within which information management takes place. Information governance has the potential of providing a coherent legal and policy framework regulating and guiding the effective use of information within an information rich, technology enabled mobile society.

Information governance departments already exist. Most governments and major corporations have an office of CIO. Sadly most CIOs of my acquaintance have ignored, forgotten or more likely never considered their true responsibility: information. They have preferred to focus on the technology, leaving the real asset, the information (whether data or record) to an uncertain fate. CIOs have failed society.

The first requirement for a successful information governance program is to shift our understanding of records and data from being a waste by-product of administration or research to recognizing it as a strategic asset: one that must be managed by all executives and managers in all organizations as effectively as they have traditionally managed their other program resources: money, staff and facilities. It must also be seen as a corporate asset, not just a program asset, and managed from a corporate-wide perspective.

Information must be seen and managed in ways similar to managing other assets. This is the biggest challenge to get managers to comply with the laws and regulations in this field: they have not been trained in this. Most MBA and MPA programs offer courses in Human Resource and Financial management BUT seldom in information management. Until this changes the challenge remains. And the hardest part has always been monitoring compliance: how do you prove that records have not been created or are now missing?

Taking a comprehensive information focus to understanding organizations or societies can be transformative. How information is created, accessed and flows demonstrates the real structure of an organization. Terms like ‘hierarchy’, ‘teamwork’, ‘responsible to’ or ‘reporting relationship’ are really about information flow. Taking such an approach would transform governance in any organization.”

Chris Graves is the Acting University Archivist / Records Manager at the King Abdullah University of Science and Technology (KAUST) in Saudi Arabia. The Red Sea Dispatches column documents Chris’ experience in a new job in a new place. The views expressed in this article are those of the author and do not necessarily represent the views of, and should not be attributed to, the King Abdullah University of Science and Technology (KAUST).

Editor’s Note: This is the third in a three-part series on information governance:

Part 1: Would the Real Information Governance Please Stand Up
Part 2: Transformational Governance by Design
Part 3: Policy Driven Integrated Decisions

Back To Top