I’ll repeat that for those of you at the back.
Information Governance is not Information Management… but they are closely related. You don’t have to take my word for it, as on this last point I’m referencing authors David Bawden & Lyn Robinson from their book ‘Introduction to information science’ (London: Facet, 2022).
Sometimes people find it convenient to bundle Information Management functions under IT. I get it… organisations need to establish lines of communication, delegate authority, assign roles & responsibilities, calculate & monitor budgets, evaluate & mitigate risks, ensure accountability in meeting goals and objectives etc.
At the end of the day you do what works for you
There’s no one best fit however and here’s why…
Governance historically has been viewed as how inter and intra governmental relationships were effected. It‘s since taken on a broader coverage to include relationships within and between NGO’s, community groups, charities, businesses, organisations and even markets (Commission On Global Governance, 1995).
When we talk about governance we should consider that:
“It is a continuing process through which conflicting or diverse interests may be accommodated and co-operative action may be taken” (Commission On Global Governance, 1995)
Corporate governance may be understood as how strategic decisions are made, facilitated and stakeholders aligned cooperatively to achieve organisational goals (Hoskisson, c2021).
Let’s further consider the following:
“The concept of information governance is interpreted differently according to the organisation’s context” (Bawden & Robinson, 2022).
There are any number of activities required to effectively support governance processes. Within any organisation everyone has their parts to play, yet governance begins with whomever holds the highest authority: the small business owner, the committee, the directors board or the C-suite etc.
The buck has to stop somewhere, after all.
Ultimately the wellspring of authority – and overall accountability – rests at the apex of any org chart:
- You establish the vision, secure the resources, chart the course & set the tone for the voyage
- You have the authority to empower and to delegate, or take the tiller when necessary
- You are ultimately legally accountable
Are we having fun yet? Nobody said it’d be easy.
I have been asked by several people; “What is Information Governance?” Other questions have included:
- “Is it about GDPR?
- “Is it data protection?”
- “Is it about privacy or information security?”
These are relevant enquiries, but they are not the be all and end all of Information Governance. Not by a long shot.
Some organisations may limit themselves to considering Information Governance as merely demonstrating regulatory compliance. That is their prerogative, just as it may be all that they are constrained to do.
Doing so, however, may expose themselves to various degrees of risk, not least potentially ‘leaving money on the table’.
Information has value.
Back in January of this year I piloted a workshop: ‘Introduction to Information Governance’. I’m doing what I can to inform & advise those who want to improve how they approach treating information appropriately.
And that’s another thing… ‘appropriately’ means different things to different people at different times.
See also: different places, industries, markets, scenarios, working conditions, jurisdictions and any number of technical, financial or other constraints.
Remember: nobody said it would be easy… it’s called work for a reason!
Information Governance (IG) has been said to be:
“An umbrella concept, of relatively recent origin, referring to the sets of policies, processes, standards and guidance on good practice which are applied within an organisation to ensure that all stages of the information lifecycle are managed correctly” (Bawden & Robinson, 2022).
Wait, isn’t that last bit just Information Management by another name?
Well… no.
Information Management (IM) covers the lifecycle of information within organisations: its creation & acquisition, storage, protection, processing & transmission and subsequent retention / preservation or destruction / disposal.
Functions of information retention or disposal are the provenance of Records Management (RM). This is often seen as a logical addition to the IM process, making its acronym RIM.
Information Governance (IG) does not limit itself to just considering the IM / RM functions and processes, however. It is a holistic professional practice supporting the spectrum of business functions, organisational goals, requirements and strategy.
For example:
- It supports identifying & mitigating risks not just towards information but also the organisations operational capability, financial wellbeing and reputation
- It supports how legal obligations, international, industry & professional standards will be met
- It explores opportunities for continual improvement & innovation
It’s my perspective that effective governance needs to be both forwards looking and reflective.
It must be open to critical analysis in pursuit of both compliance as well as performance improvement.
Governance must strive for efficiency whilst ensuring there are sufficient resources in order to meet goals & objectives.
It demands the flexibility of iteration whilst remaining steadfast in the name of doing what is appropriate.
Governance is rarely ‘one and done’. Information Governance is no different, wherver it sits within an organisational structure.
Like any system or process unless it is actively managed things can slow down, break down or go off on wild tangents that take time & effort to correct.
So whilst it might make sense to fold IM into your own IT function please consider the following points: