Information Governance

6,795 views

Published on

Information Governance Training - Learn how to establish an information accountability framework that reduces costs, manages risk, and optimizes value

Published in: Business, Technology

Information Governance

  1. 1. Copyright  ©  AIIM    |  All  rights  reserved.   #AIIM   The  Global  Community  of  Informa4on  Professionals   aiim.org   How  to  sell     Informa4on  Governance     to  execu4ves?   Manage  risks,  reduce  costs,  and  maximize  value  of  informa4on  
  2. 2. Copyright  ©  AIIM    |  All  rights  reserved.   Your  Industry  Associa4on   ¤ AIIM  is  the  global  community  for   informa4on  professionals   ¤  Founded  in  1943   ¤  80,000  acCve  community  members   ¤ We  do  research  and  task  forces   analyzing  trends  and  opportuni4es   ¤  Forbes  Magazine  called  our  research  with   author  Geoffrey  Moore  the  "Best  social   media  idea  of  2011”   ¤  AIIM  published  last  year  #OccupyIT  –  a   manifesto  about  how  business  leaders  must   reclaim  IT   ¤ AIIM  is  a  also  leading  provider  of   training  and  standards  
  3. 3. Copyright  ©  AIIM    |  All  rights  reserved.  3   The  Need  for  Informa4on  Governance   §  Digital  data  is  growing  &  moving   beyond  the  enterprise   §  Business  value  &  risk  is  oUen   unknown  &  unmanaged   §  Sharing  informaCon  with  partners   &     suppliers  is  rouCne   §  Social  networking  &  mobile  access   is  prevalent   §  Risk  of  security  breach  or  data  loss   is  growing   Source:  Chris  Preston,  InformaCon  Intelligence  Group,  EMC  at  #AIIM12  
  4. 4. Copyright  ©  AIIM    |  All  rights  reserved.  4   Perfect  Storm  of  Regula4on   §  Data  Privacy  Laws  (vary  by  state)     §  Freedom  of  InformaCon  Act   §  HIPAA   §  Payment  Card  Industry  Data   Security  Standard   §  Homeland  Security   §  Sarbanes-­‐Oxley   §  Industry  specific  regulaCons   (HACCP)   §  Federal  Rules  of  Civil  Procedure   Source:  Monica  Crocker,  Land  O’Lakes  at  #AIIM13   AIIM  research  found   that  legal  costs,  fines   and  damages  could  be   reduced  by  25%  if   organizaCons  applied   best  pracCce   procedures  to  records   management,  security   and  e-­‐Discovery.      
  5. 5. Copyright  ©  AIIM    |  All  rights  reserved.  5   Defini4on  of  Informa4on  Governance   “The  specificaCon  of  decision  rights  and  an  accountability   framework  to  encourage  desirable  behavior  in  the  valuaCon,   creaCon,  storage,  use,  archival  and  deleCon  of  informaCon.    It   includes  the  processes,  roles,  standards  and  metrics  that   ensure  the  effecCve  and  efficient  use  of  informaCon  in   enabling  an  organizaCon  to  achieve  its  goals.”              Source:  Gartner     The  key  terms?   §  Accountability  framework  for  informaCon   §  Processes,  roles,  standards,  metrics   §  EffecCve,  efficient  use  of  informaCon  to  achieve  goals  
  6. 6. Copyright  ©  AIIM    |  All  rights  reserved.  6   IG  as  an  Umbrella  Term   Source:  hhp://ediscoveryjournal.com/wp-­‐content/uploads/edj-­‐reports/ ViaLumina_eDJ_Info_Governance_Survey_Report.pdf  
  7. 7. Copyright  ©  AIIM    |  All  rights  reserved.  7   One  IG  Program  to  Rule  Them  All   Source:  Doculabs  &     EDRM  InformaCon  Governance  Reference  Model  (hhp://www.edrm.net/projects/igrm)   Managing   informa+on   throughout  its   lifecycle  from  a   broader   perspec+ve  than   just  reten+on,   legal  obliga+on,   or  IT   func+onality   Seeks  to  meet   the  needs  of   the  total   organiza+on   (Compliance,   IT,  and  lines  of   business)  with   op+mized   informa+on   management   prac+ces  
  8. 8. Copyright  ©  AIIM    |  All  rights  reserved.  8   A  New  Strategy  for  IG   1.  Manage  all  informaCon,  not  just  records   2.  Connect  legal,  privacy  and  regulatory  retenCon  obligaCons  to   relevant  informaCon   3.  RetenCon  periods  must  take  into  account  the  business  value  of   informaCon  in  addiCon  to  legal  and  compliance  value   4.  IdenCfy  where  informaCon  is  located   5.  Ensure  that  retenCon  and  disposal  obligaCons  are  communicated   and  publicized  in  a  language  that  stakeholders  can  understand   6.  Allow  for  flexibility  to  adapt  to  local  laws,  obligaCons  and   limitaCons   7.  Include  a  mechanism  that  allows  legal  and  IT  to  collaborate  in   execuCng  and  terminaCng  legal  holds   8.  IdenCfy  and  eliminate  duplicate  informaCon   9.  Update  in  real  Cme  to  account  for  changes  in  laws,  to  business   and  in  technology   Source:  Lorrie  Luellig,  Ryley  Carlock  &  Applewhite  hhp://www.cioinsight.com/it-­‐ management/inside-­‐the-­‐c-­‐suite/a-­‐modern-­‐governance-­‐strategy-­‐for-­‐data-­‐disposal.html/  
  9. 9. Copyright  ©  AIIM    |  All  rights  reserved.  9   §  InformaCon  Management  Compliance  =     legal  requirements  +  industry  standards  +   organizaConal  policies  and  guidelines,  and   more...   §  Finding  and  retrieving  informaCon  on  demand   §  Controlling  access  and  confidenCality   §  Monitoring  and  reporCng  for  enforcement   §  Comprehensive  audiCng   §  Secure  retenCon  and  destrucCon   Manage  Risks  -­‐  1   Source:  Ovum  
  10. 10. Copyright  ©  AIIM    |  All  rights  reserved.  10   0%   10%   20%   30%   40%   50%   60%   Excess  liCgaCon  costs  or  damages  resulCng  from  poor   records  keeping   Loss  of  customer  confidence  or  bad  publicity  from  data   loss   Loss  of  intellectual  property  or  company  confidenCal   informaCon   Inability  to  respond  to  requests  (Freedom  of   InformaCon)   Infringement  of  industry-­‐specific  compliance   regulaCons   Audit  qualificaCons  due  to  inadequate  records   Regulator  acCon  from  loss/exposure  of  personally   idenCfiable  informaCon   Poor  outcome  of  customer/supplier  disputes  due  to   gaps  in  comms  trail   Criminal  prosecuCon  for  allowing  personally  sensiCve   data  to  be  lost   Manage  Risks  -­‐  2   Which  of  the  following  do  you  consider  to  be  the  three  biggest  risks  to  your   company  from  a  failure  of  informaCon  governance?  (max  THREE)   N=500  
  11. 11. Copyright  ©  AIIM    |  All  rights  reserved.  11   0%   20%   40%   60%   80%   Reduce  storage  and  infrastructure  costs   Exploit  and  share  our  knowledge  resources   Faster  response  to  events,  accidents,  press  acCviCes,   FOI  enquiries,  etc.   More  personalized  and  accurate  service  to  customers   Beher  customer/supplier  relaConships   Support  for  potenCal  big  data  iniCaCves   Beher  reputaCon/improved  shareholder  value   Faster  and  cheaper  financial  audits   Control  social  media  for  posiCve  benefit   Reduce  Costs  -­‐  1   Which  three  of  the  following  do  you  consider  to  be  the  biggest  benefits  to  your   company  from  good  informaCon  governance?  (max  THREE)   N=506  
  12. 12. Copyright  ©  AIIM    |  All  rights  reserved.  12   Technique   Status   %  of  Total   Total   AnalyCcs   Unnecessary     20%   500  TB  (.5  PB)   ClassificaCon   Record   8%   200  TB  (.2  PB)   Non-­‐Record,  Business   Reference   28%   700  TB  (.7  PB)   Evaluated,  Staged  for   DisposiCon  (2016)     44%   1,100  TB  (1.1PB)   Total   100%   2,500  TB  (2.5  PB)   Findings   Enterprise  Impact   Total  that  could  be  disposed   20%  of  2.5  PB   Enterprise  ImplicaCons   .5  PB  removed  @  $5,000,000  per  PB   Savings   $2,500,000  per  year  in  storage  expense   Reduce  Costs  -­‐  2   Source:  James  Watson,  Doculabs,  at  #AIIM12`     Here  is  an  example  of  an  organizaCon  that  started  to  beher  manage   informaCon  over  its  lifecycle  including  gezng  rid  of  informaCon.  
  13. 13. Copyright  ©  AIIM    |  All  rights  reserved.  13   How  much  more   producCve  do  you   think  the   administraCve   staff  in  your   organizaCon  would   be  (or  are)  if  their   processes  were   work-­‐flowed,   using  scanned   forms  and   documents,  with   automated  data   capture?  33.5%  more  produc4ve  (average)   Maximize  the  Business  Benefit  -­‐  1  
  14. 14. Copyright  ©  AIIM    |  All  rights  reserved.  14   How  much  more   producCve  do  you   think  professional   staff  in  your   organizaCon  would   be  (or  are)  if  they   could  find  internal   informa4on  and   documents  as   quickly  and  as  easily   as  they  find   informaCon  on  the   web? 30.9%  more  produc4ve  (average)   Maximize  the  Business  Benefit  -­‐  2  
  15. 15. Copyright  ©  AIIM    |  All  rights  reserved.  15   Photo  source:  hhp://www.flickr.com/photos/globalx/4864001692/   How  much  would  it   improve  (or  have   you  improved)  the   efficiency  of  your   office  staff  by  giving   them  sufficient   remote  or  mobile   access  to  company   informa4on  that   they  are  able  to   efficiently  work   from  home  or  on-­‐ the-­‐road?   25.1%  more  efficient  (average)   Maximize  the  Business  Benefit  -­‐  3  
  16. 16. Copyright  ©  AIIM    |  All  rights  reserved.  16   By  how  much  do  you  think   customer  service  levels  and   response  Cmes  could  be  (or   have  been)  improved  if  all   of  your  customer-­‐facing   staff  could  immediately   access  and  share  all  of  the   customer  related  and  case-­‐ related  informa4on  that   you  hold.     32.2%  more  responsive  (average)   Maximize  the  Business  Benefit  -­‐  4  
  17. 17. Copyright  ©  AIIM    |  All  rights  reserved.  17   Informa4on  Governance  Training   AIIM  –  the  leading  training   provider  for  informaCon   professionals   §  25,000+  course  ahendees   §  Self-­‐paced  or  live  courses   §  Courses  can  be  customized   for  your  organizaCon   §  Pass  the  online  exam  to  earn   the  designaCon   Learn  how  to  establish  an  informa4on   accountability  framework  that  reduces   costs,  manages  risk,  and  op4mizes  value   •  Get  execuCve  sponsorship   •  Establish  an  InformaCon  Governance   Program   •  IdenCfy  necessary  components,   technologies,  and  instruments   •  Assess  the  impact  of  mobile,  social,   cloud  and  big  data  analyCcs   •  Conduct  a  risk  assessment  and   miCgaCon   •  Automate  records  retenCon  and   disposiCon   •  IdenCfy  necessary  roles  and   responsibiliCes   •  Measure  for  success  
  18. 18. Copyright  ©  AIIM    |  All  rights  reserved.  18   1.  Understanding  the  Context     How  to  understand  the  context  of  the  organizaCon     How  to  conduct  a  Maturity  Assessment     How  to  idenCfy  and  prioriCze  business,  legal  and   other  requirements  (compliance)   How  to  conduct  a  risk  profile,  assessment  and   miCgaCon  (risk  management)   How  to  define  the  scope  of  the  MSR   How  to  idenCfy  the  quality  of  leadership   How  to  get  management  commitment   How  to  obtain  ExecuCve  Sponsorship   How  to  develop  a  policy   How  to  establish  organizaConal  roles,   responsibiliCes  and  authoriCes   2.  Planning   How  to  carry  out  planning     How  to  address  risks  and  opportuniCes   How  to  define  business  problems     How  to  build  a  program  roadmap     How  to  establish  an  organizaConal  blueprint     How  to  establish  informaCon  management   objecCves  and  plans  to  achieve  them     How  to  define  Metrics     3.  Support   How  to  ensure  the  support  that  is  required     How  to  ensure  the  resources  that  are  required     How  to  establish  competencies  for  roles     How  to  increase  awareness  and  improve  training     How  to  improve  communicaCon     Hot  to  ensure  proper  documentaCon     4.  Opera4ons   How  to  establish  operaCons     How  to  carry  out  operaConal  planning  and  control     How  to  design  of  data  and  informaCon  processes     How  to  implement  an  informaCon  governance   operaCon     How  to  establish  supporCng  roles  required  for   informaCon  management     How  to  establish  and  use  analyCcs     How  to  establish  control  for  Security  &  Privacy     How  to  manage  the  lifecycle  of  data  and  informaCon     5.  Performance  Evalua4on   How  to  carry  out  program  performance  evaluaCons     How  to  monitor,  measure,  analysis  programs     How  to  measure  performance  results     How  to  carry  out  an  internal  system  audit     How  to  conduct  a  management  review     How  to  establish  conCnuous  improvement     How  to  address  nonconformity  control  and   correcCve  acCons     6.  Components/1     How  to  carry  out  high  level  acCviCes  for  records  and   Lifecycle  management   How  to  carry  out  high  level  acCviCes  for  Data  Quality   How  to  carry  out  high  level  acCviCes  for  Data   security  and  privacy     7.  Components/2   How  to  carry  out  high  level  acCviCes  for  Big  data   How  to  carry  out  high  level  acCviCes  for  Mobile   compuCng   How  to  carry  out  high  level  acCviCes  for  Cloud   compuCng   How  to  carry  out  high  level  acCviCes  for  Social  media   management     8.  Associated  Technologies/1     How  to  use  Content  Management  (including  CMS,   WCM  and  ECM)   How  to  use  Document  management  (including   scanning  and  imaging)   How  to  use  Records  management  (including  EDRMS   and  physical  records  management)   How  to  use  Digital  asset  management  (DAM)   How  to  use  Email  management  (and  archiving)   9.  Associated  Technologies/2   How  to  use  Archive  management,  Business  process   management   How  to  use  Search  (including  enterprise  search  and   federated  search)   How  to  use  eDiscovery  and  eDisclosure   How  to  use  AnalyCcs  and  “big  data”  analysis     10.  Instruments   How  to  develop  a  taxonomy   How  to  develop  a  metadata  model   How  to  develop  a  security  classificaCon  scheme     Informa4on  Governance  Prac44oner     -­‐  Create  an  informa4on  accountability  framework  that  reduces  costs,   manages  risk,  and  op4mizes  value  
  19. 19. Copyright  ©  AIIM    |  All  rights  reserved.  19   24-­‐7  course  access  for  6  months   Unlimited   access  for  6   months     Downloadable   resources,   checklists,  and   templates     Online  exam   leading  to  an   AIIM   designaCon  
  20. 20. Copyright  ©  AIIM    |  All  rights  reserved.  20   Standards  and  best  prac4ces   The  courses  use  and  refer  to  standards  when  possible  including  benefits   and  disadvantages   All  AIIM  training  courses  have  an  internaConal  focus  with  local   examples  of  regulaCons  and  standards      
  21. 21. Copyright  ©  AIIM    |  All  rights  reserved.  21   Sign  up  now  at  www.aiim.org/training   §  Self-­‐paced  PracCConer  courses  starts  at  $790  per  person   §  Includes  6  months  access  to  online  resources,  handouts,  and  exam   §  Contact  AIIM  to  get  significant  student-­‐bulk  discounts  for  10+   students   §  Instructor  is  available  for  6  months  to  answer  quesCons  and  provide   guidance     §  3  x  90  min  virtual  live  PracCConer  sessions  just  for  your   organizaCon  for  $3,700  with  max  15  ahendees   §  AIIM  organizes  3  x  90  min  live  virtual  sessions  with  experienced   instructor  and  subject  maher  expert   §  Ahendees  get  6  months  access  to  online  resources,  handouts,  and   exam   §  Instructor  is  available  for  6  months  to  answer  quesCons  and  provide   guidance    

×