Hopkinton, Mass. — The time is now for senior leadership to accelerate implementation of companywide information governance programs. This is the message from
Available on EMC’s
The paper is based on an EIU research survey of senior executives from companies around the world about the benefits, challenges and risks associated with developing an enterprisewide information governance strategy. Seventy-seven percent of respondents expect information governance to be important to their company's success through 2011, while 68% also expect the complexity of their company's information governance issues will grow during that same time period.
Yet, nearly two-thirds (62%) of respondents indicated their companies had no formal information governance program in place, a concerning trend that may leave many corporations unprepared for new compliance mandates, and open to preventable risks to sensitive information.
“Even though the standards for good governance are rising, we find that much of today's focus around corporate governance leaves information out of the discussion,” says Frank Hauck, EMC EVP, global marketing and customer quality. “Carefully managing the relentlessly growing volume of information carries both risk and opportunity for the enterprise. We believe that senior corporate leaders need to be active stewards of their companies' information and should know as much about their information assets as their CFO knows about their company's financial assets. Implementing a companywide information governance initiative is one of the most valuable moves corporate leaders can make to create and enforce policies that help ensure information quality, compliance, and protection while increasing its business value.”
“As firms large and small begin to think more strategically about how information is used and conveyed, creating a standard set of policies and procedures for governing information protection, use and distribution inside and outside the firm will be extremely important,” says Debra D'Agostino, deputy director in the Americas, Industry and Management Research, at EIU.
The 2008 EIU research survey includes responses from senior business executives from leading companies, almost half with annual revenues more than US$1 billion and headquartered in North America, Europe, the Middle
East, Asia-Pacific and Latin America. Survey results revealed key differences between the 62% of respondents that do not have formal information governance programs and the 38% of respondents that do:
* For firms without a governance strategy, the risks may be significant. Only 51% of respondents at companies that do not have a formal information governance strategy rate their firms' overall ability to protect sensitive data as good or very good compared with 85% for those whose companies have a formal strategy.
* 40% of overall respondents say their firm does not regularly review and revise information backup and retention policies.
* Only 43% of respondents rate their firms' ability to integrate and share information across departments and necessary third parties as good or very good; 21% say that it is poor or very poor.
* 92% of respondents at firms with information governance strategies rate their company's ability to provide access to critical business information when it is needed as good or very good, compared with only 57% of companies that do not have governance in place.
* 57% of respondents admit they do not have a single view of the customer.
* 81% of firms with information governance programs report that “information can be better shared between departments, allowing for better decision-making.”
Enterprise information has typically been siloed around lines of business or specific business applications but when properly integrated, can benefit the rest of the organization. To effectively leverage and share that information across the enterprise while managing the associated costs and risks, EMC recommends implementing enterprisewide information governance programs.
The most effective programs, according to EMC, engage key leadership and information stakeholders across the organization to gain their input and to help prepare the organization for change. Both EMC and the authors of the EIU briefing paper advocate that executive sponsorship across lines of business can also help to ensure key business drivers such as cost management, security and business value as core metrics in measuring program success. The most successful programs take an incremental approach and don't attempt sweeping changes all at once. These programs should define master information standards along with the policies, privileges, and responsibilities of information owners and users in order to ensure required levels of quality and risk management, the companies say.
“Good information governance can help companies solve a fundamental challenge within their organizations - how to balance the costs, risks and value of information assets across the enterprise,” says Chuck Hollis, EMC Global Marketing CTO. “As the EIU research indicates, implementing an information governance program can result in companies seeing improved operations and cost control, increased visibility of information flows across the enterprise and an overall better organizational preparedness for meeting compliance mandates. The senior leadership at corporations worldwide should make this a key business priority.”
Recognizing the need for information governance solutions in the current marketplace,
According to the vendor, Autonomy ControlPoint facilitates critical governance tasks, including classification, preservation or disposition of information assets based on its ability to understand the meaning of information being collaborated across different SharePoint servers and other content repositories. ControlPoint also alleviates the need to assign teams of risk managers, legal professionals and compliance officers to manage information risk developing across SharePoint sites. It uses a centralized policy hub to enforce governance control across distributed networks, an increasingly critical function given that SharePoint servers are typically siloed throughout the enterprise.
"While many information officers have taken steps to try to protect the company with retention policies, lack of enforcement and a full understanding of the entire corpus of information in the enterprise can undermine any good faith efforts," says Mike Lynch, Autonomy's CEO. "The scope and breadth of the problem is compounded by the sheer volume of different types of information in an enterprise, hidden across divisions, countries, laptops, and now among rapidly growing MOSS installations. Companies must understand that policy matters. Without the appropriate policy applied, they will create "information anarchy."
Sources: EMC Corp., Autonomy Corporation plc, MarketWatch
Exclusive content only available on InsuranceNetworking.com
