1. yes the SmartArt tool is certainly an option that you can use to your advantage. Be advised that customizing SmartArt can be a challenge for the new PowerPoint user. Did you find that the graphic diagrams worked well initially or required some additional modifications?
2. Great post! I also utilized the Smartart/ Wordart feature on powerpoint. It helped my slogan pop out of my presentation and gave the audience something to remember about my product. I agree, it helps make the presentation visually appealing which is an important aspect to all professional presentations, especially those targeted to an audience. It captures attention which should be given to the important points which wont be done if the information is presented in plain text. Although,I do think too much WordArt can make the presentation look tacky, so on that note, I like to keep it for the most important factors!
3. i think its very important to make sure that there is a flow in you presentation. that it must look appealing and catch the readers attention. To much going on in a slide will not deliver your message in a professional way. when i didn't my presentation, i believe in the term "less is more". Even though i did put images, shapes,colors, etc. i made sure to blend them well enough to look presentable and still believer the message.
4. Powerpoint is an important tool when it comes to making a presentation to captivate your audience. Personally, I would say an essential for a professional layout would be to keep pictures on one side of the slide and words on the other. This option can be found under the "Slides" option and you can select the slide that offers two columns of information except one. In one column there would be a picture and in the other there would be words. For example, I used the technique in my Unit 2 assignment. I had my product picture on one side and a description of it on the side. In that manner, I was able to showcase my product and its features without there being too many pictures and words crowded on screen. This kept everything organized so if someone were to come across it, there would know what its for and what its about.
Another tool I use is Word Art for slogans that are important to the product or service I am showcasing to an audience. That keeps that attend to what the product is and about; also it keeps the audience engaged on your presentation and gives them something catchy to leave with. I utilized this tool in my assignment as well to make the slogan of my product pop.
5. I think the most essential and proffesional layout for Microsoft PowerPoint is the use of pictures and smart art. It catches the viewers attention and keeps them interested while listening to the presentation and also looking at the pictures of what the presentation is based on. The presentation may be boring but by using pictures and smart art it keeps the audience interested and connected to the slideshow. Yes I used pictures in my ...
Do you have abundant pool of talent within you but are wondering how to showcase it? How to connect with people for production and success? How to grab good professional income? Something to demonstrate your skills and potential to encase your unique work ? Did more and more efforts and hard work but failed in fetching attention worldwide?
How to use power point to sell your product or serviceVisualspiders
PowerPoint slideshows are now an important part of business presentations and in an instructional setting. They engage the audience and convince clients to buy your idea. Whether you are looking to make a visual impact or impress people with key statistics, PowerPoint presentations can be very effective. Here’s how you can use PowerPoint to sell a product or service:
Do you have abundant pool of talent within you but are wondering how to showcase it? How to connect with people for production and success? How to grab good professional income? Something to demonstrate your skills and potential to encase your unique work ? Did more and more efforts and hard work but failed in fetching attention worldwide?
How to use power point to sell your product or serviceVisualspiders
PowerPoint slideshows are now an important part of business presentations and in an instructional setting. They engage the audience and convince clients to buy your idea. Whether you are looking to make a visual impact or impress people with key statistics, PowerPoint presentations can be very effective. Here’s how you can use PowerPoint to sell a product or service:
From insight to idea, to implementation.
Design Thinking helps us create value-driven innovation.
Lean UX secures success through testing and iterations.
These key ingredients make up a winning combination.
Lillian Ayla Ersoy, BEKK
Presented by Lea Synefakis-Pica for Analytics That Excite 2014
Even the most seasoned analyst can make very simple changes to a presentations to make a big impact. If everyone in your audience is catching up on email or sleep, chances are your presentation design and/or data charts are obscuring your valuable insights and hurting you rather than helping you. Lea can help you inspire action and build credibility with a fresh new toolbox of tips and techniques to set your presentations apart and get the results you’re looking for.
Letsgetstartaffiliate.com power point 51 important tips to create your busin...Business Secrets
Ready to Win. Professionally researched, planned and prepared so that you can effectively deliver the right message to your target audience. Designed correctly. With points that are illustrated and visually illustrated without overwhelming your audience or unnecessarily complicating your message....
Interest: None
What is product marketing in a tech company, is it even a real thing, what are the key challenges, how are things changing and what are key takeaways. The session will draw on my 20+ years product marketing experience working for telcos and technology companies in Ireland, UK and Silicon Valley. Session from Product Camp Dublin, June 2017
Social media marketing is a powerful way for businesses of all sizes to reach prospects and customers. Your customers are already interacting with brands through social media, and if you're not speaking directly to your audience through social platforms like Facebook, Twitter, Instagram, and Pinterest, you're missing out! Great marketing on social media can bring remarkable success to your business, creating devoted brand advocates and even driving leads and sales.
[CXL Live 16] How To Present Your Testing Results to Get Results by Lea PicaCXL
Are your executives and clients falling asleep during your testing presentations? Chances are your slide design and data visualizations are obscuring your valuable insights. With her special blend of neuroscience-based visualization principles, practical hands-on design techniques, and entertaining “tough love”, Lea will equip you with a fresh new toolbox that will get you and your data presentations remembered and acted upon.
How to create effective and relevant content online | impact image marketingImpact Image Marketing
Presentations are tools that can be used as demonstrations, lectures, speeches, reports, and more. It is mostly presented before an audience. It serves a variety of purposes, making presentations powerful tools for convincing and teaching.
5 Tips for Creating Infographics That Win the War for AttentionClearEdge Marketing
You all know the old adage: “A picture is worth a thousand words.” Today’s world of instant gratification means average attention spans of less than 8 seconds, and a whopping 4 seconds for website viewing. Infographics are a great solution for conveying solid content and winning the war for the few seconds of your audience’s attention.
Don't Kill Them With Powerpoint - How old school visual tools can engage your audience and energise your presentations?
Article by Tim Hamons,
Founder, Art of Awakening.
M3 ch12 discussionConnecting Eligible Immigrant Families to Heal.docxjeremylockett77
M3 ch12 discussion
Connecting Eligible Immigrant Families to Health Coverage
Instructions:
Read the report
Connecting Eligible Immigrant Families to Health Coverage and Care
.
Write a one page post offering solutions to the problem from the nurse's standpoint.
.
Loudres eats powdered doughnuts for breakfast and chocolate that sh.docxjeremylockett77
Loudres eats powdered doughnuts for breakfast and chocolate that she can get out of the vending machines before class. Between classes , she grabs some chips and a caffine drink for lunch. By the end of the day, she is exhauted and cannot study very long before she falls asleep for a few hours. Then, she stays up untils 2.A.M to finish her work and take care of things she could not do during the day. She feels that she has to eat sugary foods and caffeinated drinks to keep her schedule going and to fit in all her activities. What advice would you give her?
.
More Related Content
Similar to 1. yes the SmartArt tool is certainly an option that you can use t.docx
From insight to idea, to implementation.
Design Thinking helps us create value-driven innovation.
Lean UX secures success through testing and iterations.
These key ingredients make up a winning combination.
Lillian Ayla Ersoy, BEKK
Presented by Lea Synefakis-Pica for Analytics That Excite 2014
Even the most seasoned analyst can make very simple changes to a presentations to make a big impact. If everyone in your audience is catching up on email or sleep, chances are your presentation design and/or data charts are obscuring your valuable insights and hurting you rather than helping you. Lea can help you inspire action and build credibility with a fresh new toolbox of tips and techniques to set your presentations apart and get the results you’re looking for.
Letsgetstartaffiliate.com power point 51 important tips to create your busin...Business Secrets
Ready to Win. Professionally researched, planned and prepared so that you can effectively deliver the right message to your target audience. Designed correctly. With points that are illustrated and visually illustrated without overwhelming your audience or unnecessarily complicating your message....
Interest: None
What is product marketing in a tech company, is it even a real thing, what are the key challenges, how are things changing and what are key takeaways. The session will draw on my 20+ years product marketing experience working for telcos and technology companies in Ireland, UK and Silicon Valley. Session from Product Camp Dublin, June 2017
Social media marketing is a powerful way for businesses of all sizes to reach prospects and customers. Your customers are already interacting with brands through social media, and if you're not speaking directly to your audience through social platforms like Facebook, Twitter, Instagram, and Pinterest, you're missing out! Great marketing on social media can bring remarkable success to your business, creating devoted brand advocates and even driving leads and sales.
[CXL Live 16] How To Present Your Testing Results to Get Results by Lea PicaCXL
Are your executives and clients falling asleep during your testing presentations? Chances are your slide design and data visualizations are obscuring your valuable insights. With her special blend of neuroscience-based visualization principles, practical hands-on design techniques, and entertaining “tough love”, Lea will equip you with a fresh new toolbox that will get you and your data presentations remembered and acted upon.
How to create effective and relevant content online | impact image marketingImpact Image Marketing
Presentations are tools that can be used as demonstrations, lectures, speeches, reports, and more. It is mostly presented before an audience. It serves a variety of purposes, making presentations powerful tools for convincing and teaching.
5 Tips for Creating Infographics That Win the War for AttentionClearEdge Marketing
You all know the old adage: “A picture is worth a thousand words.” Today’s world of instant gratification means average attention spans of less than 8 seconds, and a whopping 4 seconds for website viewing. Infographics are a great solution for conveying solid content and winning the war for the few seconds of your audience’s attention.
Don't Kill Them With Powerpoint - How old school visual tools can engage your audience and energise your presentations?
Article by Tim Hamons,
Founder, Art of Awakening.
M3 ch12 discussionConnecting Eligible Immigrant Families to Heal.docxjeremylockett77
M3 ch12 discussion
Connecting Eligible Immigrant Families to Health Coverage
Instructions:
Read the report
Connecting Eligible Immigrant Families to Health Coverage and Care
.
Write a one page post offering solutions to the problem from the nurse's standpoint.
.
Loudres eats powdered doughnuts for breakfast and chocolate that sh.docxjeremylockett77
Loudres eats powdered doughnuts for breakfast and chocolate that she can get out of the vending machines before class. Between classes , she grabs some chips and a caffine drink for lunch. By the end of the day, she is exhauted and cannot study very long before she falls asleep for a few hours. Then, she stays up untils 2.A.M to finish her work and take care of things she could not do during the day. She feels that she has to eat sugary foods and caffeinated drinks to keep her schedule going and to fit in all her activities. What advice would you give her?
.
Lori Goler is the head of People at Facebook. Janelle Gal.docxjeremylockett77
Lori Goler is the head
of People at Facebook.
Janelle Gale is the head
of HR Business Partners
at Facebook. Adam Grant
is a professor at Wharton,
a Facebook consultant,
and the author of Originals
and Give and Take.
ZS
U
ZS
A
N
N
A
IL
IJ
IN
HBR.ORG
Let’s Not Kill
Performance
Evaluations Yet
Facebook’s experience shows
why they can still be valuable.
BY LORI GOLER, JANELLE GALE, AND ADAM GRANT
November 2016 Harvard Business Review 91
LET’S NOT KILL PERFORMANCE EVALUATIONS YET
tThe reality is, even when companies get rid of performance evaluations, ratings still exist. Employees just can’t see them. Ratings are done sub-jectively, behind the scenes, and without input from the people being evaluated.
Performance is the value of employees’ contribu-
tions to the organization over time. And that value
needs to be assessed in some way. Decisions about
pay and promotions have to be made. As research-
ers pointed out in a recent debate in Industrial and
Organizational Psychology, “Performance is always
rated in some manner.” If you don’t have formal
evaluations, the ratings will be hidden in a black box.
At Facebook we analyzed our performance man-
agement system a few years ago. We conducted fo-
cus groups and a follow-up survey with more than
300 people. The feedback was clear: 87% of people
wanted to keep performance ratings.
Yes, performance evaluations have costs—but
they have benefits, too. We decided to hang on
to them for three reasons: fairness, transparency,
and development.
Making Things Fair
We all want performance evaluations to be fair. That
isn’t always the outcome, but as more than 9,000
managers and employees reported in a global sur-
vey by CEB, not having evaluations is worse. Every
organization has people who are unhappy with their
bonuses or disappointed that they weren’t pro-
moted. But research has long shown that when the
process is fair, employees are more willing to accept
undesirable outcomes. A fair process exists when
evaluators are credible and motivated to get it right,
and employees have a voice. Without evaluations,
people are left in the dark about who is gauging their
contributions and how.
At Facebook, to mitigate bias and do things sys-
tematically, we start by having peers write evalua-
tions. They share them not just with managers but
also, in most cases, with one another—which reflects
the company’s core values of openness and transpar-
ency. Then decisions are made about performance:
Managers sit together and discuss their reports
face-to-face, defending and championing, debating
and deliberating, and incorporating peer feedback.
Here the goal is to minimize the “idiosyncratic rater
effect”—also known as personal opinion. People
aren’t unduly punished when individual managers
are hard graders or unfairly rewarded when they’re
easy graders.
Next managers write the performance reviews.
We have a team of analysts who examine evalua-
tions f.
Looking for someone to take these two documents- annotated bibliogra.docxjeremylockett77
Looking for someone to take these two documents- annotated bibliography and an issue review(outline)
to conduct an argumentative paper about WHY PEOPLE SHOULD GET THE COVID-19 VACCINE
Requirements:
Length: 4-6 pages (not including title page or references page)
1-inch margins
Double spaced
12-point Times New Roman font
Title page
References page
.
Lorryn Tardy – critique to my persuasive essayFor this assignm.docxjeremylockett77
Lorryn Tardy – critique to my persuasive essay
For this assignment I’ll be workshopping the work of Lisa Oll-Adikankwu. Lisa has chosen the topic of Assisted Suicide; she is against the practice and argues that it should be considered unethical and universally illegal.
Lisa appears to have a good understanding of the topic. Her sources are well researched and discuss a variety of key points from seemingly unbiased sources. Her sources are current, peer reviewed and based on statistical data.
Lisa’s summaries are well written, clear and concise. One thing I noticed is that the majority of her writing plan is summarized and cited at the end of each paragraph. I might suggest that she integrate more synthesis of the different sources, by combining evidence from more than one source per paragraph and using more in text citations or direct quotes to reinforce her key points.
I think that basic credentialing information could be provided for Lisa’s sources, this is something that looking back, I need to add as well. I think this could easily be done with just a simple “(Authors name, and their title, i.e. author, statistician, physician etc.…)”, when the source is introduced into the paper might provide a reinforced credibility of the source.
As far as connection of sources, as previously mentioned, I think that in order to illustrate a stronger argument, using multiple sources to reinforce a single key point would solidify Lisa’s argument. I feel that more evidence provided from a variety of different sources, will provide the reader with a stronger sense of credibility and less room for bias that could be argued if the point is only credited to one source.
One area that stuck out to me for counter argument, being that my paper is in favor of this issue, is in paragraph two where Lisa states that “physicians are not supposed to kill patients or help them kill themselves, and terminally ill patients are not in a position of making rational decisions about their lives.” I’d like to offer my argument for this particular statement. In states where assisted suicide (or as I prefer to refer to it, assisted dying) is legal, there are several criteria that a patient has to meet in order to be considered a candidate. These criteria include second, even third opinions to determine that death is imminent, as well psychological evaluation(s) and an extensive informed consent process that is a collaborative effort between the patient, the patient’s family, physicians, psychologists and nurses. It is a process that takes weeks to months. Patients that wish to be a candidate, should initiate the process as soon as they have been diagnosed by seeking a second opinion. As an emergency room nurse, I have been present for a substantial amount of diagnoses that are ‘likely’ terminal. Many of these patients presented to the emergency for a common ailment and have no indication that they don’t have the capacity to make such a decision. Receiving a terminal diagnos.
M450 Mission Command SystemGeneral forum instructions Answ.docxjeremylockett77
M450 Mission Command: System
General forum instructions: Answer the questions below and provide evidence to support your claims (See attached slides). Your answers should be derived primarily from course content. When citing sources, use APA style. Your initial posts should be approximately 150-500 words.
1. Describe and explain two of the Warfighting Functions.
2. How do commanders exercise the Command and Control System?
.
Lymphedema following breast cancer The importance of surgic.docxjeremylockett77
Lymphedema following breast cancer: The importance of
surgical methods and obesity
Rebecca J. Tsai, PhDa,*, Leslie K. Dennis, PhDa,b, Charles F. Lynch, MD, PhDa, Linda G.
Snetselaar, RD, PhD, LDa, Gideon K.D. Zamba, PhDc, and Carol Scott-Conner, MD, PhD,
MBAd
aDepartment of Epidemiology, College of Public Health, University of Iowa, Iowa City, IA, USA.
bDivision of Epidemiology and Biostatistics, College of Public Health, University of Arizona,
Tucson, AZ, USA.
cDepartment of Biostatistics, College of Public Health, University of Iowa, Iowa City, IA, USA.
dDepartment of Surgery, College of Medicine, University of Iowa, Iowa City, IA, USA.
Abstract
Background: Breast cancer-related arm lymphedema is a serious complication that can
adversely affect quality of life. Identifying risk factors that contribute to the development of
lymphedema is vital for identifying avenues for prevention. The aim of this study was to examine
the association between the development of arm lymphedema and both treatment and personal
(e.g., obesity) risk factors.
Methods: Women diagnosed with breast cancer in Iowa during 2004 and followed through 2010,
who met eligibility criteria, were asked to complete a short computer assisted telephone interview
about chronic conditions, arm activities, demographics, and lymphedema status. Lymphedema was
characterized by a reported physician-diagnosis, a difference between arms in the circumference
(> 2cm), or the presence of multiple self-reported arm symptoms (at least two of five major arm
symptoms, and at least four total arm symptoms). Relative risks (RR) were estimated using
logistic regression.
Results: Arm lymphedema was identified in 102 of 522 participants (19.5%). Participants treated
by both axillary dissection and radiation therapy were more likely to have arm lymphedema than
treated by either alone. Women with advanced cancer stage, positive nodes, and larger tumors
along with a body mass index > 40 were also more likely to develop lymphedema. Arm activity
level was not associated with lymphedema.
*Correspondence and Reprints to: Rebecca Tsai, National Institute for Occupational Safety and Health, 4676 Columbia Parkway,
R-17, Cincinnati, OH 45226. [email protected] Phone: (513)841-4398. Fax: (513) 841-4489.
Authorship contribution
All authors contributed to the conception, design, drafting, revision, and the final review of this manuscript.
Competing interest
Conflicts of Interest and Source of Funding: This study was funded by the National Cancer Institute Grant Number: 5R03CA130031.
All authors do not declare any conflict of interest.
All authors do not declare any conflict of interest.
HHS Public Access
Author manuscript
Front Womens Health. Author manuscript; available in PMC 2018 December 14.
Published in final edited form as:
Front Womens Health. 2018 June ; 3(2): .
A
u
th
o
r M
a
n
u
scrip
t
A
u
th
o
r M
a
n
u
scrip
t
A
u
th
o
r M
a
n
u
scrip
t
A
u
th
.
Love Beyond Wallshttpswww.lovebeyondwalls.orgProvid.docxjeremylockett77
Love Beyond Walls
https://www.
lovebeyondwalls
.org
Provide a brief background of your chosen nonprofit entity using evidence from their publications or any other published materials. Then evaluate the factors, which may include economic, political, historic, cultural, institutional conditions, and changes that contributed to the creation and growth (decline) of the nonprofit organization. Justify your response.
.
Longevity PresentationThe purpose of this assignment is to exami.docxjeremylockett77
Longevity Presentation
The purpose of this assignment is to examine societal norms regarding aging and to integrate the concepts of aging well and living well into an active aging framework that promotes longevity.
Using concepts from the Hooyman and Kiyak (2011) text and the Buettner (2012) book, consider the various perspectives on aging.
Identify the underlying values or assumptions that serve as the basis for longevity, including cultural, religious, and philosophical ideas.
Present an overview of three holistic aging theories.
Integrate the values, assumptions, and theories to indicate what is necessary for an active aging framework where individuals both live well and age well.
Presentations should be 10-15 minutes in length, use visual aids, and incorporate references from the course texts and 5 additional scholarly journal articles.
.
Look again at the CDCs Web page about ADHD.In 150-200 w.docxjeremylockett77
Look again at the
CDC's Web page about ADHD
.
In 150-200 words, please analyze the document’s purpose and audience. Who, for example, is the CDC's audience? What are the CDC's beliefs about ADHD, and how does the CDC's Web page relate itself to those beliefs? Why would the federal government post a Web page about ADHD? What role does the general public expect the government to play regarding disorders such as ADHD?
.
M8-22 ANALYTICS o TEAMS • ORGANIZATIONS • SKILLS .fÿy.docxjeremylockett77
M8-22 ANALYTICS o TEAMS • ORGANIZATIONS • SKILLS .fÿy' ÿ,oÿ ()V)g
The Strategy That Wouldn't Travel
by Michael C. Beer
It was 6:45 P.M. Karen Jimenez was reviewing the
notes on her team-based productMty project tbr
what seemed like the hundredth time. I31 two days,
she was scheduled to present a report to the senior
management group on the project's progress. She
wasn't at all sure what she was going to say.
The project was designed to improve productiv-
it3, and morale at each plant owned and operated by
Acme Minerals Extraction Company. Phase one--
implemented in early 1995 at the site in Wichita,
I(amsas--looked like a stunning, success by the mid-
dle of 1996. Productivity and mo[ÿale soared, and
operating and maintenance costs decreased signifi-
cantly. But four months ago, Jimenez tried to
duplicate the results at the project's second
target--the plant in Lubbock, Texas--and some-
thing went wrong. The techniques that had worked
so well in Wichita met with only moderate success
in Lubbock. ProductMty improved marginally and
costs went down a bit, but morale actually seemed
to deteriorate slightl): Jimenez was stumped,
approach to teamwork and change. As it turned
out, he had proved a good choice. Daniels was a
hands-on, high-energy, charismatic businessman
who seemed to enjoy media attention. Within his
first year as CEO, he had pretty much righted the
floundering company by selling oft:some unrelated
lines of business. He had also created the share-
services deparnnent--an internal consulting organ-
ization providing change management, reengineer-
ing, total quailB, management, and other
services--and had rapped Jimenez to head the
group. Her first priority Daniels told her, would be
to improve productiviB, and morale at the com-
pany's five extraction sites. None of them were
meeting their projections. And although Wichita
was the only site at which the labor-management
conflict was painfiflly apparent, Daniels and Jimenez
both thought that morale needed an all-around
boost. Hence the team-based productivity project.
She tried to "helicopter up" and think about
the problem in the broad context of the com-
pany's history. A few ),ears ago, Acme had been in
bad financial shape, but what had really brought
things to a head--and had led to her current
dilemma--was a labor relations problem. Acme
had a wide variety of labor requirements For its
operations. The company used highly sophisti-
cated technologB employing geologists, geophysi-
cists, and engineers on what was referred to as the
"brains" side of the business, as well as skilled and
semi-skilled labor on the "brawn" side to run the
extraction operations. And in the summer of
1994, brains and brawn clashed in an embarrass-
ingly public way. A number of engineers at the
Wichita plant locked several union workers out of
the offices in 100-degree heat. Although most
Acme employees now felt that the incident had
been blown out of propo,'tion by the press, .
Lombosoro theory.In week 4, you learned about the importance.docxjeremylockett77
Lombosoro theory.
In week 4, you learned about the importance of theory, the various theoretical perspectives and the ways in which theory help guide research in regards to crime and criminal behavior.
To put this assignment into context, I want you to think about how Lombroso thought one could identify a criminal. He said that criminals had similar facial features. If that was the case you would be able to look at someone and know if they were a criminal! Social theories infer that perhaps it is the social structures around us that encourage criminality. Look around your city- what structures do you think may match up to something you have learned about this week in terms of theory? These are just two small examples to put this assignment into context for you. The idea is to learn about the theories, then critically think about how can one "show" the theory without providing written explanation for their chosen image.
Directions: With the readings week 4 in mind, please do the following:
1. Choose a theoretical perspective (I.e., biological, psychological sociological)
2. Look through media images (this can be cartoons, magazines, newspapers, internet stories, etc...) and select 10 images that you think depict your chosen theory without written explanation.
3. Provide a one paragraph statement of your theory, what kinds of behavior it explains and how it is depicted through images. Be sure to use resources to support your answer.
4. You will copy and paste your images into a word document, along with your paragraph. You do not need to cite where you got your images, but you do need to cite any information you have in number 3.
Format Directions:
Typed, 12 point font, double spaced
APA format style (Cover page, in text citations and references)
.
Looking over the initial material on the definitions of philosophy i.docxjeremylockett77
Looking over the initial material on the definitions of philosophy in
the course content section, which definition (Aristotle, Novalis,
Wittgenstein) would you say gives you the best feel for philosophy? What
is it about the definition that interests you? do you find there to be any problems with the definition? what other questions do you have regarding the meaning of philosophy?
ARISTOTLE :
Definition 1: Philosophy begins with wonder. (Aristotle)
Our study of philosophy will begin with the ancient Greeks. This is not because the Greeks were necessarily the first to philosophize. They were the first to address philosophical questions in a systematic manner. Also, the bodies of works which survive from the Greeks is quite substantial so in studying philosophy we have a lot to go on if we start with the Greeks.
Philosophy is, in fact, a Greek word. Philo is one of the Greek words for love: in this case the friendship type of love. (What other words can you think of that have "philo" as a part?) Sophia, has a few different uses in Greek. Capitalized it is the name of a woman or a Goddess: wisdom. Philosophy, then, etymologically, (that is from its roots) means love of wisdom.
But what exactly is wisdom? Is it merely knowledge? Intelligence? If I know how to perform a given skill does this necessarily imply that I also have wisdom or am wise?
The word "wise" is not in fact a Greek word. Remember for the Greeks that's "Sophia". Wise is Indo-European and is related to words like "vision", "video", "Veda" (the Indian Holy scriptures). The root has something to do with seeing. Wisdom then has to do with applying our knowledge in a meaningful and practically beneficial way. Perhaps this is the reason why philosophy is associated with the aged. Aristotle believes that philosophy in fact is more suitably studied by the old rather than the young who are inclined to be controlled by the emotions. Do you think this is correct? Nevertheless, whether Aristotle is correct or not, typically the elderly are more likely to be wise as they have more experience of life: they have seen more and hopefully know how to respond correctly to various situations.
Philosophy is not merely confined to the old. Aristotle also says that philosophy begins with wonder and that all people desire to know. Children often are paradigm cases of wondering. Think about how children (perhaps a young sibling or a son or daughter, niece or nephew of your acquaintance) inquistively ask their parents "why" certain things are the case? If the child receives a satisfying answer, one that fits, she is satisfied. If not there is dissatisfaction and frustration. Children assume that their elders know more than they do and thus rely on them for the answers. Though there is a familiar cliche that ignorance is bliss, (perhaps what is meant by this is that ignorance of evil is bliss), Aristotle sees ignorance as painful, a wonder that I would rather fill with knowledge. After all wha.
Lucky Iron Fish
By: Ashley Snook
Professor Phillips
MGMT 350
Spring 2018
Table of Contents
Executive Summary
Introduction
Human Relations Theory
Communications Issues
Intercultural Relations
Ethics Issues
Conclusion
Works Cited
Executive Summary
The B-certified organization that I chose is Lucky Iron Fish Enterprise which is located in Guelph, Ontario Canada. The company distributes iron fish that are designed to solve iron deficiency and anemia for the two billion people who are affected worldwide.
The human relations model is comprised of McGregor’s Theory X and Theory Y, Maslow’s Hierarchy of Needs, and theories from Peters and Waterman. These factors focus on the organizational structure of the company as it relates to the executives, the staff, and the customers. The executives provide meaningful jobs for the staff which gives them high levels of job satisfaction. Together, they are able to provide a product that satisfies the thousands of customers they have already reached.
Communication in this company flows smoothly. They implement open communication, encourage participation, and have high levels of trust among employees. Each of their departments are interconnected through teamwork.
Their intercultural relations, although successful, require a significant amount of time. They need to emphasize to the high context cultures that they are willing to understand their culture and possibly adopt some aspects of it. Additionally, they face barriers such as language dissimilarity and lack of physical store locations.
Ethics remains a top priority for this organization. They have high ethical standards that are integrated into their operations. They make decisions that do the most good for the most people, they do not take into consideration financial or political influence, and they strive to protect the environment through their sustainability measures.
Every employee is dedicated to improving the lives of those who suffer from iron deficiency
and anemia. As their organization grows, they continue to impact thousands of lives around the world. They are on a mission to put “a fish in every pot” (Lucky Iron Fish).
Introduction
Lucky Iron Fish, located in Guelph Canada, is a company that is dedicated to ending worldwide iron deficiency and anemia. They do this by providing families with iron fish that release iron when heated in food or water. They sell this product in developed countries in order to support their business model of buy one give one. Each time an iron fish is purchased, one is donated to a family in a developing country. They designed their product to resemble the kantrop fish of Cambodia; in their culture this fish is a symbol of luck. Another focus of theirs is to remain sustainable, scalable, and impactful (Lucky Iron Fish). Each of their products is made from recycled material and their packaging is biodegradable. Their organization has a horizontal stru.
Lucky Iron FishBy Ashley SnookMGMT 350Spring 2018ht.docxjeremylockett77
Lucky Iron Fish
By: Ashley Snook
MGMT 350
Spring 2018
https://www.youtube.com/watch?v=G6Rx3wDqTuI
Table of Contents
Case Overview
Introduction
Human Relations
Communications
Intercultural Relations
Ethics
Conclusion
Works Cited
https://www.youtube.com/watch?v=iY0D-PIcgB4
Video ends at 1:45
2
Case Overview
Company located in Guleph, Ontario Canada
Mission is to end iron deficiency and anemia
A fish in every pot
Gavin Armstrong, Founder/CEO
Introduction
Idea originated in Cambodia
Distribute fish through buy one give one model
Sustainable, scalable, impactful
Human Relations
McGregor’s Theory X and Y
-X: employees focused solely on financial gain
-Y: strive to improve worldwide health
Maslow’s Hierarchy of Needs
-Affiliation: desire to be part of a unit, motivated by connections
-Self-esteem: recognition for positive impact
Peters and Waterman
-Close relations to the customer
-Simple form & lean staff
Communications
Time and Distance
-Make product easily and quickly accessible
Communication Culture
-Encourages active participation
Teamwork
-Each role complements the overall mission
Gavin Armstrong Kate Mercer Mark Halpren Melissa Saunders Ashley Leone
Founder & CEO VP Marketing Chief Financial Officer Logistics Specialist Dietician
Intercultural Relations
High/Low Context
-Targets high context cultures
Barriers
-Language dissimilarity
Overcoming Barriers
-Hire a translator
Ethics
Utilitarianism
-Targets countries where majority of people will benefit
Veil of Ignorance
-Not concerned with financial influence
Categorical Imperative
-Accept projects only if environmentally friendly
Conclusion
Buy one give one model
Expansion
Sustainability
Works Cited
Guffey, Mary. “Essentials of Business Communication.” Ohio: Erin Joyner. 2008. Print.
“Lucky Iron Fish.” Lucky Iron Fish. Accessed 30 May 2018. https://luckyironfish.com/
“Lucky Iron Fish Enterprise.” B Corporation.net. Accessed 30 May 2018. https://www.bcorporation.net/community/lucky-iron-fish-enterprise
Lucky Iron Fish. “Lucky Iron Fish: A Simple
Solution
for a global problem.” Youtube. 28 October 2014. Accessed 4 June 2018. https://www.youtube.com/watch?v=iY0D-PIcgB4
“Lucky little fish to fight iron deficiency among women in Cambodia.” Grand Challenges Canada. Accessed 6 June 2018. http://www.grandchallenges.ca/grantee-stars/0355-05-30/
Podder, Api. “Lucky Iron Fish Wins 2016 Big Innovation Award.” SocialNews.com. 5 February 2016. Accessed 4 June 2018. http://mysocialgoodnews.com/lucky-iron-fish-wins-2016-big-innovation-award/
Zaremba, Alan. “Organizational Communication.” New York: Oxford University Press Inc. 2010. Print.
Lucky Iron Fish
By: Ashley Snook
Professor Phillips
MGMT 350.
look for a article that talks about some type of police activity a.docxjeremylockett77
look for a article that talks about some type of police activity and create PowerPoint and base on the history describe
-What is the role of a police officer in society? (general statement )
-how are they viewed by society?
what is the role of the police in this case?
how it is seems by society?
Article
An unbelievable History of Rape
An 18-year-old said she was attacked at knifepoint. Then she said she made it up. That’s where our story begins.
by T. Christian Miller, ProPublica and Ken Armstrong, The Marshall Project December 16, 2015
https://www.propublica.org/article/false-rape-accusations-an-unbelievable-story
.
Look at the Code of Ethics for at least two professional agencies, .docxjeremylockett77
Look at the Code of Ethics for at least two professional agencies, federal agencies, or laws that would apply to Health IT professionals. In two pages (not including the reference list), compare and contrast these standards. How much overlap did you find? Is one reference more specific than the other? Does one likely fit a broader audience, etc... Would you add anything to either of these documents?
.
Locate an example for 5 of the 12 following types of communica.docxjeremylockett77
Locate
an example for 5 of the 12 following types of communication genres:
Business card
Resume/CV
Rules and regulations
Policy handbook
Policy manual
Policy guide
Policy or departmental memorandum
Public policy report
Government grant
Government proposal
Departmental brochure or recruitment materials
Governmental agency social media (Twitter, Facebook, etc...)
Write
a 1,050- to 1,400-word paper in which you refer to your examples for each of the above listed communication genres. Be sure to address the following in your paper:
How does the purpose of the communication relate to the particular communication genre? In what ways does the genre help readers grasp information quickly and effectively? In what way is the genre similar or different than the other genres you chose?
What role has technology played in the development of the genre? How is it similar or different than the other genres you chose?
How does the use of these conventions promote understanding for the intended audience of the communication? How is it similar or different than the other genres you chose?
Is the communication intended for external or internal distribution? Describe ethical and privacy considerations used for determining an appropriate method of distribution. How is it similar or different than the other genres you chose?
Cite
at least three academic sources in your paper.
Format
your paper consistent with APA guidelines.
.
Locate and read the other teams’ group project reports (located .docxjeremylockett77
Locate and read the other teams’ group project reports (located in Doc Sharing).
Provide some comments for two reports in terms of what you think they did right, what you learned from these reports, as well as what else they could have done.
In addition, read the comments that other students made about your team’s report and respond to at least one of them.
Review ATTACHMENTS!!!!
.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Operation “Blue Star” is the only event in the history of Independent India where the state went into war with its own people. Even after about 40 years it is not clear if it was culmination of states anger over people of the region, a political game of power or start of dictatorial chapter in the democratic setup.
The people of Punjab felt alienated from main stream due to denial of their just demands during a long democratic struggle since independence. As it happen all over the word, it led to militant struggle with great loss of lives of military, police and civilian personnel. Killing of Indira Gandhi and massacre of innocent Sikhs in Delhi and other India cities was also associated with this movement.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
Welcome to TechSoup New Member Orientation and Q&A (May 2024).pdfTechSoup
In this webinar you will learn how your organization can access TechSoup's wide variety of product discount and donation programs. From hardware to software, we'll give you a tour of the tools available to help your nonprofit with productivity, collaboration, financial management, donor tracking, security, and more.
1. yes the SmartArt tool is certainly an option that you can use t.docx
1. 1. yes the SmartArt tool is certainly an option that you can use
to your advantage. Be advised that customizing SmartArt can be
a challenge for the new PowerPoint user. Did you find that the
graphic diagrams worked well initially or required some
additional modifications?
2. Great post! I also utilized the Smartart/ Wordart feature on
powerpoint. It helped my slogan pop out of my presentation
and gave the audience something to remember about my
product. I agree, it helps make the presentation visually
appealing which is an important aspect to all professional
presentations, especially those targeted to an audience. It
captures attention which should be given to the important points
which wont be done if the information is presented in plain text.
Although,I do think too much WordArt can make the
presentation look tacky, so on that note, I like to keep it for the
most important factors!
3. i think its very important to make sure that there is a flow in
you presentation. that it must look appealing and catch the
readers attention. To much going on in a slide will not
deliver your message in a professional way. when i didn't my
presentation, i believe in the term "less is more". Even though i
did put images, shapes,colors, etc. i made sure to blend them
well enough to look presentable and still believer the message.
4. Powerpoint is an important tool when it comes to making a
presentation to captivate your audience. Personally, I would say
an essential for a professional layout would be to keep pictures
on one side of the slide and words on the other. This option can
be found under the "Slides" option and you can select the slide
2. that offers two columns of information except one. In one
column there would be a picture and in the other there would be
words. For example, I used the technique in my Unit 2
assignment. I had my product picture on one side and a
description of it on the side. In that manner, I was able to
showcase my product and its features without there being
too many pictures and words crowded on screen. This kept
everything organized so if someone were to come across it,
there would know what its for and what its about.
Another tool I use is Word Art for slogans that are
important to the product or service I am showcasing to an
audience. That keeps that attend to what the product is and
about; also it keeps the audience engaged on your presentation
and gives them something catchy to leave with. I utilized this
tool in my assignment as well to make the slogan of my product
pop.
5. I think the most essential and proffesional layout for
Microsoft PowerPoint is the use of pictures and smart art. It
catches the viewers attention and keeps them interested while
listening to the presentation and also looking at the pictures of
what the presentation is based on. The presentation may be
boring but by using pictures and smart art it keeps the audience
interested and connected to the slideshow. Yes I used pictures
in my unit 2 PowerPoint assignment just to keep the viewer
intereted and show them an example of the topic I was working
on.
6. When it comes to a professional layout, in my opinion, there
is no better tool than the theme feature under the design
tab. Incorporating a theme for your overall presentation allows
you to maintain a nearly flawless design flow for each
slide. Furthermore, the design ideas icon all the way to the right
under the design tab simplifies this process even further by
making suggestions for different slide layouts of the same
3. theme. I routinely use these features in my presentations,
including in my Unit 2 assignment, and always find that my
presentations turn out much better because of them.
7. I think that choosing a design that is not too distracting and
simple can go a long way. A color scheme can also play a huge
role in professional presentations. I don't feel as
though something too flashy or with too many transitions can be
considered professional. But at the same time, it does all depend
on the audience of the presentation as well. If it is for a toy
company they might want more color and transitions, but if you
are doing a staff meeting brief for a pharmaceutical company
more neutral coloring and to the point transitions might be more
appropriate.
8. I believe that the ability to add graphs, images, and videos to
a PowerPoint presentation is essential to have an outstanding
professional presentation. Think about it if you didn't the ability
to add images onto your slides, the presentation would be very
plain and the audience would not know what to connect your
idea with. For example, adding images to your presentation can
help illustrate the point you are trying to address. I have learned
in the past that images can make a big difference when
addressing a topic to an audience, it really grasps their
attention. Even graphs that follow a more-is-more rule can be
useful to show the status of statistics at a business presentation
Yes, I used images on my PowerPoint Assignment so
that it provides an idea of the creation I promoting for sale.
Images can also make your PowerPoint more appealing to the
eye of the audience. I have included animations and transitions
in specific timescales to emphasize what information to
remember as I was introducing the product. I also used a
feature, that I wasn't very comfortable using, which was a black
& white image as a background to draw attention to the text
4. while still showcasing my product on the background. It turned
out to work out the way I needed it to. The image was very
subtle due to the lack of colors, and it allowed the text to really
pop out!
9. To do a professional Microsoft PowerPoint, you have to use
the essential tools. So, your PowerPoint can be less busy, neat,
organize, and legible. For example, you have to make sure you
are keeping it short and simple, limited bullet points, tests,
transitions, and builds. Also, having a visual theme, but avoid
using powerpoint templets so that you can have a unique
powerpoint. If you have to use charts and tables, use the
appropriate charts and tables that flow with the facts and figures
of your PowerPoint. Also, you have to make sure you're using
the proper color scheme, and font size and color, and only use
audio when it is appropriate. When I was doing my unit 2
promotional PowerPoint Assignment, I felt I did a decent job.
However, I felt that my presentation was pretty basic because I
did not use any wow factors. However, I did choose the correct
font, font size, color scheme, animations, and transitions.
INFORMATION
GOVERNANCE
5. Founded in 1807, John Wiley & Sons is the oldest independent
publishing company in
the United States. With offi ces in North America, Europe,
Asia, and Australia, Wiley
is globally committed to developing and marketing print and
electronic products and
services for our customers’ professional and personal
knowledge and understanding.
The Wiley CIO series provides information, tools, and insights
to IT executives
and managers. The products in this series cover a wide range of
topics that supply
strategic and implementation guidance on the latest technology
trends, leadership, and
emerging best practices.
Titles in the Wiley CIO series include:
The Agile Architecture Revolution: How Cloud Computing,
REST-Based SOA, and
Mobile Computing Are Changing Enterprise IT by Jason
BloombergT
Big Data, Big Analytics: Emerging Business Intelligence and
Analytic Trends for Today’s
Businesses by Michael Minelli, Michele Chambers, and Ambiga
Dhiraj
The Chief Information Offi cer’s Body of Knowledge: People,
Process, and Technology by
Dean Lane
6. CIO Best Practices: Enabling Strategic Value with Information
Technology (Second
Edition) by Joe Stenzel, Randy Betancourt, Gary Cokins, Alyssa
Farrell, Bill
Flemming, Michael H. Hugos, Jonathan Hujsak, and Karl
Schubert
The CIO Playbook: Strategies and Best Practices for IT Leaders
to Deliver Value by
Nicholas R. Colisto
Enterprise Performance Management Done Right: An Operating
System for Your
Organization by Ron Dimon
Executive’s Guide to Virtual Worlds: How Avatars Are
Transforming Your Business and
Your Brand by Lonnie Bensond
IT Leadership Manual: Roadmap to Becoming a Trusted
Business Partner by Alan R. r
Guibord
Managing Electronic Records: Methods, Best Practices, and
Technologies by Robert F. s
Smallwood
On Top of the Cloud: How CIOs Leverage New Technologies to
Drive Change and Build
Value Across the Enterprise by Hunter Muller
Straight to the Top: CIO Leadership in a Mobile, Social, and
Cloud-based World (Second
Edition) by Gregory S. Smith
Strategic IT: Best Practices for Managers and Executives by
9. where appropriate. Neither the publisher nor
author shall be liable for any loss of profi t or any other
commercial damages, including but not limited to
special, incidental, consequential, or other damages.
For general information on our other products and services or
for technical support, please contact our
Customer Care Department within the United States at (800)
762-2974, outside the United States at (317)
572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and
by print-on-demand. Some material included
with standard print versions of this book may not be included in
e-books or in print-on-demand. If this book
refers to media such as a CD or DVD that is not included in the
version you purchased, you may download this
material at http://booksupport.wiley.com. For more information
about Wiley products, visit www.wiley.com.
Library of Congress Cataloging-in-Publication Data:
Smallwood, Robert F., 1959-
Information governance : concepts, strategies, and best
practices / Robert F. Smallwood.
pages cm. — (Wiley CIO series)
ISBN 978-1-118-21830-3 (cloth); ISBN 978-1-118-41949-6
(ebk); ISBN 978-1-118-42101-7 (ebk)
1. Information technology—Management. 2. Management
information systems. 3. Electronic
records—Management. I. Title.
HD30.2.S617 2014
658.4’038—dc23
10. 2013045072
Printed in the United States of America
10 9 8 7 6 5 4 3 2 1
http://www.copyright.com
http://www.wiley.com/go/permissions
http://booksupport.wiley.com
http://www.wiley.com
For my sons
and the next generation of tech-savvy managers
vii
CONTENTS
PREFACE xv
ACKNOWLEDGMENTS xvii
PA RT O N E — Information Governance Concepts,
Defi nitions, and Principles 1p
C H A P T E R 1 The Onslaught of Big Data and the
Information Governance
Imperative 3
Defi ning Information Governance 5
11. IG Is Not a Project, But an Ongoing Program 7
Why IG Is Good Business 7
Failures in Information Governance 8
Form IG Policies, Then Apply Technology for Enforcement 10
Notes 12
C H A P T E R 2 Information Governance, IT Governance, Data
Governance: What’s the Difference? 15
Data Governance 15
IT Governance 17
Information Governance 20
Impact of a Successful IG Program 20
Summing Up the Differences 21
Notes 22
C H A P T E R 3 Information Governance Principles 25
Accountability Is Key 27
Generally Accepted Recordkeeping Principles® 27
Contributed by Charmaine Brooks, CRM
Assessment and Improvement Roadmap 34
Who Should Determine IG Policies? 35
12. Notes 38
PA RT T W O — Information Governance Risk Assessment
and Strategic Planning 41g g
C H A P T E R 4 Information Risk Planning and Management
43
Step 1: Survey and Determine Legal and Regulatory
Applicability
and Requirements 43
viii CONTENTS
Step 2: Specify IG Requirements to Achieve Compliance 46
Step 3: Create a Risk Profi le 46
Step 4: Perform Risk Analysis and Assessment 48
Step 5: Develop an Information Risk Mitigation Plan 49
Step 6: Develop Metrics and Measure Results 50
Step 7: Execute Your Risk Mitigation Plan 50
Step 8: Audit the Information Risk Mitigation Program 51
Notes 51
C H A P T E R 5 Strategic Planning and Best Practices for
Information Governance 53
13. Crucial Executive Sponsor Role 54
Evolving Role of the Executive Sponsor 55
Building Your IG Team 56
Assigning IG Team Roles and Responsibilities 56
Align Your IG Plan with Organizational Strategic Plans 57
Survey and Evaluate External Factors 58
Formulating the IG Strategic Plan 65
Notes 69
C H A P T E R 6 Information Governance Policy Development
71
A Brief Review of Generally Accepted Recordkeeping
Principles® 71
IG Reference Model 72
Best Practices Considerations 75
Standards Considerations 76
Benefi ts and Risks of Standards 76
Key Standards Relevant to IG Efforts 77
Major National and Regional ERM Standards 81
Making Your Best Practices and Standards Selections to Inform
Your IG Framework 87
14. Roles and Responsibilities 88
Program Communications and Training 89
Program Controls, Monitoring, Auditing and Enforcement 89
Notes 91
PA RT T H R E E — Information Governance Key
Impact Areas Based on the IG Reference Model 95p
C H A P T E R 7 Business Considerations for a Successful IG
Program 97
By Barclay T. Blair
Changing Information Environment 97
CONTENTS ix
Calculating Information Costs 99
Big Data Opportunities and Challenges 100
Full Cost Accounting for Information 101
Calculating the Cost of Owning Unstructured Information 102
The Path to Information Value 105
Challenging the Culture 107
New Information Models 107
15. Future State: What Will the IG-Enabled Organization Look
Like? 110
Moving Forward 111
Notes 113
C H A P T E R 8 Information Governance and Legal Functions
115
By Robert Smallwood with Randy Kahn, Esq., and Barry
Murphy
Introduction to e-Discovery: The Revised 2006 Federal Rules of
Civil Procedure Changed Everything 115
Big Data Impact 117
More Details on the Revised FRCP Rules 117
Landmark E-Discovery Case: Zubulake v. UBS Warburg 119
E-Discovery Techniques 119
E-Discovery Reference Model 119
The Intersection of IG and E-Discovery 122
By Barry Murphy
Building on Legal Hold Programs to Launch Defensible
Disposition 125
By Barry Murphy
Destructive Retention of E-Mail 126
16. Newer Technologies That Can Assist in E-Discovery 126
Defensible Disposal: The Only Real Way To Manage Terabytes
and Petabytes 130
By Randy Kahn, Esq.
Retention Policies and Schedules 137
By Robert Smallwood, edited by Paula Lederman, MLS
Notes 144
C H A P T E R 9 Information Governance and Records and
Information Management Functions 147
Records Management Business Rationale 149
Why Is Records Management So Challenging? 150
Benefi ts of Electronic Records Management 152
Additional Intangible Benefi ts 153
Inventorying E-Records 154
Generally Accepted Recordkeeping Principles® 155
E-Records Inventory Challenges 155
x CONTENTS
Records Inventory Purposes 156
Records Inventorying Steps 157
17. Ensuring Adoption and Compliance of RM Policy 168
General Principles of a Retention Scheduling 169
Developing a Records Retention Schedule 170
Why Are Retention Schedules Needed? 171
What Records Do You Have to Schedule? Inventory and Classifi
cation 173
Rationale for Records Groupings 174
Records Series Identifi cation and Classifi cation 174
Retention of E-Mail Records 175
How Long Should You Keep Old E-Mails? 176
Destructive Retention of E-Mail 177
Legal Requirements and Compliance Research 178
Event-Based Retention Scheduling for Disposition of E-Records
179
Prerequisites for Event-Based Disposition 180
Final Disposition and Closure Criteria 181
Retaining Transitory Records 182
Implementation of the Retention Schedule and Disposal of
Records 182
Ongoing Maintenance of the Retention Schedule 183
18. Audit to Manage Compliance with the Retention Schedule 183
Notes 186
C H A P T E R 10 Information Governance and Information
Technology Functions 189
Data Governance 191
Steps to Governing Data Effectively 192
Data Governance Framework 193
Information Management 194
IT Governance 196
IG Best Practices for Database Security and Compliance 202
Tying It All Together 204
Notes 205
C H A P T E R 11 Information Governance and Privacy and
Security Functions 207
Cyberattacks Proliferate 207
Insider Threat: Malicious or Not 208
Privacy Laws 210
Defense in Depth 212
Controlling Access Using Identity Access Management 212
19. Enforcing IG: Protect Files with Rules and Permissions 213
CONTENTS xi
Challenge of Securing Confi dential E-Documents 213
Apply Better Technology for Better Enforcement in the
Extended Enterprise 215
E-Mail Encryption 217
Secure Communications Using Record-Free E-Mail 217
Digital Signatures 218
Document Encryption 219
Data Loss Prevention (DLP) Technology 220
Missing Piece: Information Rights Management (IRM) 222
Embedded Protection 226
Hybrid Approach: Combining DLP and IRM Technologies 227
Securing Trade Secrets after Layoffs and Terminations 228
Persistently Protecting Blueprints and CAD Documents 228
Securing Internal Price Lists 229
Approaches for Securing Data Once It Leaves the Organization
230
20. Document Labeling 231
Document Analytics 232
Confi dential Stream Messaging 233
Notes 236
PA RT F O U R — Information Governance for
Delivery Platforms 239y
C H A P T E R 12 Information Governance for E-Mail and
Instant Messaging 241
Employees Regularly Expose Organizations to E-Mail Risk 242
E-Mail Polices Should Be Realistic and Technology Agnostic
243
E-Record Retention: Fundamentally a Legal Issue 243
Preserve E-Mail Integrity and Admissibility with Automatic
Archiving 244
Instant Messaging 247
Best Practices for Business IM Use 247
Technology to Monitor IM 249
Tips for Safer IM 249
Notes 251
C H A P T E R 13 Information Governance for Social Media
21. 253
By Patricia Franks, Ph.D, CRM, and Robert Smallwood
Types of Social Media in Web 2.0 253
Additional Social Media Categories 255
Social Media in the Enterprise 256
Key Ways Social Media Is Different from E-Mail and Instant
Messaging 257
Biggest Risks of Social Media 257
Legal Risks of Social Media Posts 259
xii CONTENTS
Tools to Archive Social Media 261
IG Considerations for Social Media 262
Key Social Media Policy Guidelines 263
Records Management and Litigation Considerations for Social
Media 264
Emerging Best Practices for Managing Social Media Records
267
Notes 269
C H A P T E R 14 Information Governance for Mobile Devices
22. 271
Current Trends in Mobile Computing 273
Security Risks of Mobile Computing 274
Securing Mobile Data 274
Mobile Device Management 275
IG for Mobile Computing 276
Building Security into Mobile Applications 277
Best Practices to Secure Mobile Applications 280
Developing Mobile Device Policies 281
Notes 283
C H A P T E R 15 Information Governance for Cloud
Computing 285
By Monica Crocker CRM, PMP, CIP, and Robert Smallwood
Defi ning Cloud Computing 286
Key Characteristics of Cloud Computing 287
What Cloud Computing Really Means 288
Cloud Deployment Models 289
Security Threats with Cloud Computing 290
Benefi ts of the Cloud 298
23. Managing Documents and Records in the Cloud 299
IG Guidelines for Cloud Computing
Solution
s 300
Notes 301
C H A P T E R 16 SharePoint Information Governance 303
By Monica Crocker, CRM, PMP, CIP, edited by Robert
Smallwood
Process Change, People Change 304
Where to Begin the Planning Process 306
Policy Considerations 310
Roles and Responsibilities 311
Establish Processes 312
24. Training Plan 313
Communication Plan 313
Note 314
CONTENTS xiii
PA RT F I V E — Long-Term Program Issues 315g g
C H A P T E R 17 Long-Term Digital Preservation 317
By Charles M. Dollar and Lori J. Ashley
Defi ning Long-Term Digital Preservation 317
Key Factors in Long-Term Digital Preservation 318
Threats to Preserving Records 320
Digital Preservation Standards 321
25. PREMIS Preservation Metadata Standard 328
Recommended Open Standard Technology-Neutral Formats 329
Digital Preservation Requirements 333
Long-Term Digital Preservation Capability Maturity Model®
334
Scope of the Capability Maturity Model 336
Digital Preservation Capability Performance Metrics 341
Digital Preservation Strategies and Techniques 341
Evolving Marketplace 344
Looking Forward 344
Notes 346
C H A P T E R 18 Maintaining an Information Governance
Program
and Culture of Compliance 349
26. Monitoring and Accountability 349
Staffi ng Continuity Plan 350
Continuous Process Improvement 351
Why Continuous Improvement Is Needed 351
Notes 353
A P P E N D I X A Information Organization and Classifi
cation:
Taxonomies and Metadata 355
By Barb Blackburn, CRM, with Robert Smallwood; edited by
Seth Earley
Importance of Navigation and Classifi cation 357
When Is a New Taxonomy Needed? 358
Taxonomies Improve Search Results 358
Metadata and Taxonomy 359
27. Metadata Governance, Standards, and Strategies 360
Types of Metadata 362
Core Metadata Issues 363
International Metadata Standards and Guidance 364
Records Grouping Rationale 368
Business Classifi cation Scheme, File Plans, and Taxonomy 368
Classifi cation and Taxonomy 369
xiv CONTENTS
Prebuilt versus Custom Taxonomies 370
Thesaurus Use in Taxonomies 371
Taxonomy Types 371
Business Process Analysis 377
28. Taxonomy Testing: A Necessary Step 379
Taxonomy Maintenance 380
Social Tagging and Folksonomies 381
Notes 383
A P P E N D I X B Laws and Major Regulations Related to
Records Management 385
United States 385
Canada 387
By Ken Chasse, J.D., LL.M.
United Kingdom 389
Australia 391
Notes 394
A P P E N D I X C Laws and Major Regulations
Related to Privacy 397
29. United States 397
Major Privacy Laws Worldwide, by Country 398
Notes 400
GLOSSARY 401
ABOUT THE AUTHOR 417
ABOUT THE MAJOR CONTRIBUTORS 419
INDEX 421
xv
PREFACE
I
nformation governance (IG) has emerged as a key concern for
business executives
and managers in today’s environment of Big Data, increasing
30. information risks, co-
lossal leaks, and greater compliance and legal demands. But few
seem to have a clear
understanding of what IG is; that is, how you defi ne what it is
and is not, and how to
implement it. This book clarifi es and codifi es these defi
nitions and provides key in-
sights as to how to implement and gain value from IG programs.
Based on exhaustive
research, and with the contributions of a number of industry
pioneers and experts, this
book lays out IG as a complete discipline in and of itself for the
fi rst time.
IG is a super-discipline that includes components of several
key fi elds: law, records
management, information technology (IT), risk management,
privacy and security,
and business operations. This unique blend calls for a new breed
of information pro-
fessional who is competent across these established and quite
complex fi elds. Training
and education are key to IG success, and this book provides the
essential underpinning
31. for organizations to train a new generation of IG professionals.
Those who are practicing professionals in the component fi
elds of IG will fi nd
the book useful in expanding their knowledge from traditional fi
elds to the emerging
tenets of IG. Attorneys, records and compliance managers, risk
managers, IT manag-
ers, and security and privacy professionals will fi nd this book a
particularly valuable
resource.
The book strives to offer clear IG concepts, actionable
strategies, and proven best
practices in an understandable and digestible way; a concerted
effort was made to
simplify language and to offer examples. There are summaries
of key points through-
out and at the end of each chapter to help the reader retain
major points. The text
is organized into fi ve parts: (1) Information Governance
Concepts, Defi nitions, and
Principles; (2) IG Risk Assessment and Strategic Planning; (3)
IG Key Impact Areas;
(4) IG for Delivery Platforms; and (5) Long-Term Program
32. Issues. Also included are
appendices with detailed information on taxonomy and metadata
design and on re-
cords management and privacy legislation.
One thing that is sure is that the complex fi eld of IG is
evolving. It will continue
to change and solidify. But help is here: No other book offers
the kind of compre-
hensive coverage of IG contained within these pages.
Leveraging the critical advice
provided here will smooth your path to understanding and
implementing successful
IG programs.
Robert F. Smallwood
xvii
ACKNOWLEDGMENTS
33. I
would like to sincerely thank my colleagues for their support
and generous contribu-
tion of their expertise and time, which made this pioneering text
possible.
Many thanks to Lori Ashley, Barb Blackburn, Barclay Blair,
Charmaine Brooks,
Ken Chasse, Monica Crocker, Charles M. Dollar, Seth Earley,
Dr. Patricia Franks,
Randy Kahn, Paula Lederman, and Barry Murphy.
I am truly honored to include their work and owe them a great
debt of gratitude.
PA RT O N E
Information
Governance
Concepts,
Defi nitions, and
34. Principles
3
The Onslaught
of Big Data and
the Information
Governance Imperative
C H A P T E R 1
T
he value of information in business is rising, and business
leaders are more and
more viewing the ability to govern, manage, and harvest
information as critical
to success. Raw data is now being increasingly viewed as an
asset that can be
leveraged, just like fi nancial or human capital.1 Some have
called this new age of “Big
35. Data” the “industrial revolution of data.”
According to the research group Gartner, Inc., Big Data is defi
ned as “high-volume,
high-velocity and high-variety information assets that demand
cost-effective, inno-
vative forms of information processing for enhanced insight and
decision making.” 2
A practical defi nition should also include the idea that the
amount of data—both struc-
tured (in databases) and unstructured (e.g., e-mail, scanned
documents) is so mas-
sive that it cannot be processed using today’s database tools and
analytic software
techniques. 3
In today’s information overload era of Big Data—characterized
by massive growth
in business data volumes and velocity—the ability to distill key
insights from enor-
mous amounts of data is a major business differentiator and
source of sustainable com-
petitive advantage. In fact, a recent report by the World
Economic Forum stated that
data is a new asset class and personal data is “the new oil.” 4
36. And we are generating more
than we can manage effectively with current methods and tools.
The Big Data numbers are overwhelming: Estimates and
projections vary, but it
has been stated that 90 percent of the data existing worldwide
today was created in the
last two years 5 and that every two days more information is
generated than was from
the dawn of civilization until 2003. 6 This trend will
continue: The global market for
Big Data technology and services is projected to grow at a
compound annual rate of
27 percent through 2017, about six times faster than the general
information and com-
munications technology (ICT) market. 7
Many more comparisons and statistics are available, and all
demonstrate the
incredible and continued growth of data.
Certainly, there are new and emerging opportunities arising
from the accu-
mulation and analysis of all that data we are busy generating
and collecting. New
37. enterprises are springing up to capitalize on data mining and
business intelligence
opportunities. The U.S. federal government joined in,
announcing $200 million in
Big Data research programs in 2012.8
4 INFORMATION GOVERNANCE
Big Data values massive accumulation of data, whereas in
business, e-discovery
realities and potential legal liabilities dictate that data be culled
to only that
which has clear business value.
But established organizations, especially larger ones, are being
crushed by this
onslaught of Big Data: It is just too expensive to keep all the
information that is being
generated, and unneeded information is a sort of irrelevant
sludge for decision makers
to wade through. They have diffi culty knowing which
information is an accurate and
meaningful “wheat” and which is simply irrelevant “chaff.”
38. This means they do not
have the precise information they need to base good business
decisions upon.
And all that Big Data piling up has real costs: The burden of
massive stores of
information has increased storage management costs
dramatically, caused overloaded
systems to fail, and increased legal discovery costs. 9 Further,
the longer that data is
kept, the more likely that it will need to be migrated to newer
computing platforms,
driving up conversion costs; and legally, there is the risk that
somewhere in that
mountain of data an organization stores is a piece of
information that represents a
signifi cant legal liability.10
This is where the worlds of Big Data and business collide . For
Big Data proponents,
more data is always better, and there is no perceived downside
to accumulation of mas-
sive amounts of data. In the business world, though, the
realities of legal e-discovery
mean the opposite is true. 11 To reduce risk, liability, and
39. costs, it is critical for unneeded
information to be disposed of in a systematic, methodical, and
“legally defensible” (jus-
tifi able in legal proceedings) way, when it no longer has legal,
regulatory, or business
value. And there also is the high-value benefi t of basing
decisions on better, cleaner
data, which can come about only through rigid, enforced
information governance
(IG) policies that reduce information glut.
Organizations are struggling to reduce and right-size their
information footprint
by discarding superfl uous and redundant data, e-documents,
and information. But the
critical issue is devising policies, methods, and processes and
then deploying information technol-
ogy (IT) to sort through which information is valuable and
which no longer has business value
and can be discarded.
IT, IG, risk, compliance, and legal representatives in
organizations have a clear
sense that most of the information stored is unneeded, raises
costs, and poses risks.
40. According to a survey taken at a recent Compliance,
Governance and Oversight
Counsel summit, respondents estimated that approximately 25
percent of information
stored in organizations has real business value, while 5 percent
must be kept as busi-
ness records and about 1 percent is retained due to a litigation
hold. “This means that
The onslaught of Big Data necessitates that information
governance (IG) be
implemented to discard unneeded data in a legally defensible
way.
THE ONSLAUGHT OF BIG DATA AND THE INFORMATION
GOVERNANCE IMPERATIVE 5
[about] 69 percent of information in most companies has no
business, legal, or regulatory value.
Companies that are able to dispose of this data debris return
more profi t to sharehold-
ers, can leverage more of their IT budgets for strategic
investments, and can avoid
41. excess expense in legal and regulatory response” (emphasis
added). 12
With a smaller information footprint , organizations can more
easily fi nd what they tt
need and derive business value from it.13 They must eliminate
the data debris regularly
and consistently, and to do this, processes and systems must be
in place to cull valuable
information and discard the data debris daily. An IG program
sets the framework to
accomplish this.
The business environment has also underscored the need for
IG. According to
Ted Friedman at Gartner, “The recent global fi nancial crisis
has put information gov-
ernance in the spotlight. . . . [It] is a priority of IT and business
leaders as a result of
various pressures, including regulatory compliance mandates
and the urgent need for
improved decision-making.” 14
And IG mastery is critical for executives: Gartner predicts that
by 2016, one in fi ve chief
42. information offi cers in regulated industries will be fi red from
their jobs for failed IG initiatives. s 15
Defi ning Information Governance
IG is a sort of super discipline that has emerged as a result of
new and tightened legislation
governing businesses, external threats such as hacking and data
breaches, and the recog-
nition that multiple overlapping disciplines were needed to
address today’s information
management challenges in an increasingly regulated and
litigated business environment.16
IG is a subset of corporate governance, and includes key
concepts from re-
cords management, content management, IT and data
governance, information se-
curity, data privacy, risk management, litigation readiness,
regulatory compliance,
long-term digital preservation , and even business intelligence.
This also means
that it includes related technology and discipline subcategories,
such as document
management, enterprise search, knowledge management, and
43. business continuity/
disaster recovery.
Only about one quarter of information organizations are
managing has real
business value.
With a smaller information footprint, it is easier for
organizations to fi nd the
information they need and derive business value from it.
IG is a subset of corporate governance.
6 INFORMATION GOVERNANCE
IG is a sort of superdiscipline that encompasses a variety
of key concepts from
a variety of related disciplines.
Practicing good IG is the essential foundation for building
legally defensible
disposition practices to discard unneeded information and to
secure confi dential in-
44. formation, which may include trade secrets, strategic plans,
price lists, blueprints, or
personally identifi able information (PII) subject to privacy
laws; it provides the basis
for consistent, reliable methods for managing data, e-
documents, and records.
Having trusted and reliable records, reports, data, and databases
enables managers
to make key decisions with confi dence.17 And accessing that
information and business
intelligence in a timely fashion can yield a long-term
sustainable competitive advan-
tage, creating more agile enterprises.
To do this, organizations must standardize and systematize
their handling of in-
formation. They must analyze and optimize how information is
accessed, controlled,
managed, shared, stored, preserved, and audited. They must
have complete, current,
and relevant policies, processes, and technologies to manage
and control information,
including who is able to access what information , and when,
to meet external legal
45. and regulatory demands and internal governance policy
requirements. In short, IG is
about information control and compliance.
IG is a subset of corporate governance, which has been around
as long as corpora-
tions have existed. IG is a rather new multidisciplinary fi eld
that is still being defi ned,
but has gained traction increasingly over the past decade. The
focus on IG comes not
only from compliance, legal, and records management
functionaries but also from ex-
ecutives who understand they are accountable for the
governance of information and
that theft or erosion of information assets has real costs and
consequences.
“Information governance” is an all-encompassing term for how
an organization
manages the totality of its information.
According to the Association of Records Managers and
Administrators
(ARMA), IG is “a strategic framework composed of standards,
processes, roles, and
46. metrics that hold organizations and individuals accountable to
create, organize, secure,
maintain, use, and dispose of information in ways that align
with and contribute to the
organization’s goals.”18
IG includes the set of policies, processes, and controls to
manage information in compliance
with external regulatory requirements and internal governance
frameworks . Specifi c policiess
apply to specifi c data and document types, records series, and
other business informa-
tion, such as e-mail and reports.
Stated differently, IG is “a quality-control discipline for
managing, using, improv-
ing, and protecting information.” 19
Practicing good IG is the essential foundation for building
legally defensible
disposition practices to discard unneeded information.
THE ONSLAUGHT OF BIG DATA AND THE INFORMATION
47. GOVERNANCE IMPERATIVE 7
IG is “a strategic framework composed of standards,
processes, roles, and
metrics, that hold organizations and individuals accountable to
create, orga-
nize, secure, maintain, use, and dispose of information in ways
that align with
and contribute to the organization’s goals.” 20
Fleshing out the defi nition further: “Information governance is
policy-based man-
agement of information designed to lower costs, reduce risk,
and ensure compliance
with legal, regulatory standards, and/or corporate
governance.”21 IG necessarily in-
corporates not just policies but information technologies to
audit and enforce those
policies. The IG team must be cognizant of information
lifecycle issues and be able
to apply the proper retention and disposition policies, including
digital preservation
where records need to be maintained for long periods.
IG Is Not a Project, But an Ongoing Program
48. IG is an ongoing program , not a one-time project. IG provides
an umbrella to manage
and control information output and communications. Since
technologies change so
quickly, it is necessary to have overarching policies that can
manage the various IT
platforms that an organization may use.
Compare it to a workplace safety program; every time a new
location, team member,
piece of equipment, or toxic substance is acquired by the
organization, the workplace
safety program should dictate how that is handled. If it does
not, the workplace safety
policies/procedures/training that are part of the workplace
safety program need to be
updated. Regular reviews are conducted to ensure the program
is being followed and ad-
justments are made based on the fi ndings. The effort never
ends. s 22 The same is true for IG.
IG is not only a tactical program to meet regulatory,
compliance, and litigation
demands. It can be strategic , in that it is the necessary
49. underpinning for developing a c
management strategy that maximizes knowledge worker
productivity while minimiz-
ing risk and costs.
Why IG Is Good Business
IG is a tough sell. It can be diffi cult to make the business case
for IG, unless there has been
some major compliance sanction, fi ne, legal loss, or colossal
data breach. In fact, the largest
IG is how an organization maintains security, complies
with regulations, and
meets ethical standards when managing information.
IG is a multidisciplinary program that requires an ongoing
effort.
8 INFORMATION GOVERNANCE
impediment to IG adoption is simply identifying its benefi ts
and costs, according to the Economist
50. Intelligence Unit. Sure, the enterprise needs better control over
its information, but how
much better? At what cost? What is the payback period and the
return on investment? 23
It is challenging to make the business case for IG, yet making
that case is funda-
mental to getting IG efforts off the ground.
Here are eight reasons why IG makes good business sense, from
IG thought
leader Barclay Blair:
1. We can’t keep everything forever. IG makes sense
because it enables organiza-
tions to get rid of unnecessary information in a defensible
manner. Organi-
zations need a sensible way to dispose of information in order
to reduce the
cost and complexity of the IT environment. Having unnecessary
informa-
tion around only makes it more diffi cult and expensive to
harness informa-
tion that has value.
51. 2. We can’t throw everything away. IG makes sense because
organizations can’t
keep everything forever, nor can they throw everything away.
We need
information—the right information, in the right place, at the
right time.
Only IG provides the framework to make good decisions about
what infor-
mation to keep.
3. E-discovery. IG makes sense because it reduces the cost
and pain of discov-
ery. Proactively managing information reduces the volume of
information
exposed to e-discovery and simplifi es the task of fi nding and
producing
responsive information.
4. Your employees are screaming for it—just listen. IG
makes sense because it
helps knowledge workers separate “signal” from “noise” in their
informa-
tion fl ows. By helping organizations focus on the most valuable
informa-
tion, IG improves information delivery and improves
52. productivity.
5. It ain’t gonna get any easier. IG makes sense because
it is a proven way for
organizations to respond to new laws and technologies that
create new re-
quirements and challenges. The problem of IG will not get
easier over
time, so organizations should get started now.
6. The courts will come looking for IG. IG makes sense
because courts and regu-
lators will closely examine your IG program. Falling short can
lead to fi nes,
sanctions, loss of cases, and other outcomes that have negative
business and
fi nancial consequences.
7. Manage risk: IG is a big one. Organizations need to do
a better job of identi-
fying and managing risk. The risk of information management
failures is a
critical risk that IG helps to mitigate.
8. E-mail: Reason enough. IG makes sense because it helps
53. organizations take con-
trol of e-mail. Solving e-mail should be a top priority for every
organization. 24
Failures in Information Governance
The failure to implement and enforce IG can lead to
vulnerabilities that can have dire
consequences. The theft of confi dential U.S. National Security
Agency documents
THE ONSLAUGHT OF BIG DATA AND THE INFORMATION
GOVERNANCE IMPERATIVE 9
by Edward Snowden in 2013 could have been prevented by
properly enforced IG.
Also, Ford Motor Company is reported to have suffered a loss
estimated at $50 to
$100 million as a result of the theft of confi dential documents
by one of its own em-
ployees. A former product engineer who had access to
thousands of trade secret docu-
ments and designs sold them to a competing Chinese car
54. manufacturer. A strong IG
program would have controlled and tracked access and
prevented the theft while pro-
tecting valuable intellectual property. 25
Law enforcement agencies have also suffered from poor IG. In
a rather frivolous
case in 2013 that highlighted the lack of policy enforcement for
the mobile environ-
ment, it was reported that U.S. agents from the Federal Bureau
of Investigation used
government-issued mobile phones to send explicit text messages
and nude photographs
to coworkers. The incidents did not have a serious impact but
did compromise the
agency and its integrity, and “adversely affected the daily
activities of several squads.” 26
Proper mobile communications policies were obviously not
developed and enforced.
IG is also about information security and privacy, and serious
thought must be
given when creating policies to safeguard personal, classifi ed
or confi dential informa-
tion. Schemes to compromise or steal information can be quite
55. deceptive and devious,
masked by standard operating procedures—if proper IG controls
and monitoring are
not in place. To wit: Granting remote access to confi dential
information assets for
key personnel is common. Granting medical leave is also
common. But a deceptive
and dishonest employee could feign a medical leave while
downloading volumes of
confi dential information assets for a competitor—and that is
exactly what happened at
Accenture, a global consulting fi rm. During a fraudulent
medical leave, an employee
was allowed access to Accenture’s Knowledge Exchange (KX),
a detailed knowledge
base containing previous proposals, expert reports, cost-
estimating guidelines, and
case studies. This activity could have been prevented by
monitoring and analytics that
would have shown an inordinate amount of downloads—
especially for an “ailing” em-
ployee. The employee then went to work for a direct competitor
and continued to
download the confi dential information from Accenture,
estimated to be as many as
56. 1,000 critical documents. While the online access to KX was
secure, the use of the
electronic documents could have been restricted even after the
documents were down-r
loaded, if IG measures were in place and newer technologies
(such as information
rights management [IRM] software) were deployed to secure
them directly and main-
tain that security remotely. With IRM, software security
protections can be employed
to seal the e-documents and control their use—even after they
leave the organization.
More details on IRM technology and its capabilities is presented
later in this book.
Other recent high-profi le data and document leakage cases
revealing information
security weaknesses that could have been prevented by a robust
IG program include:
■ Huawei Technologies, the largest networking and mobile
communications
company in China, was sued by U.S.-based Motorola for
allegedly conspiring
to steal trade secrets through former Motorola employees.
57. Ford’s loss from stolen documents in a single case of
intellectual property (IP)
theft was estimated at $50 to $100 million.
10 INFORMATION GOVERNANCE
■ MI6, the U.K. equivalent of the U.S. Central Intelligence
Agency, learned that
one of its agents in military intelligence attempted to sell confi
dential docu-
ments to the intelligence services of the Netherlands for £2
million GBP
($3 million USD).
And breaches of personal information revealing failures in
privacy protection
abound; here are just a few:
■ Health information of 1,600 cardiology patients at Texas
Children’s Hospital
was compromised when a doctor’s laptop was stolen. The
information includ-
58. ed personal and demographic information about the patients,
including their
names, dates of birth, diagnoses, and treatment histories. 27
■ U.K. medics lost the personal records of nearly 12,000
National Health Service
patients in just eight months. Also, a hospital worker was
suspended after it was
discovered he had sent a fi le containing pay-slip details for
every member of
staff to his home e-mail account. 28
■ Personal information about more than 600 patients of the
Fraser Health
Authority in British Columbia, Canada, was stored on a laptop
stolen from
Burnaby General Hospital.
■ In December 2013, Target stores in the U.S. reported that
as many as 110 million
customer records had been breached in a massive attack that
lasted weeks.
The list of breaches and IG failures could go on and on, more
than fi lling the
59. pages of this book. It is clear that it is occurring and that it will
continue. IG controls to
safeguard confi dential information assets and protect privacy
cannot rely solely on the trustwor-
thiness of employees and basic security measures. Up-to-date
IG policies and enforcement
efforts and newer technology sets are needed, with active,
consistent monitoring and
program adjustments to continue to improve.
Executives and senior managers can no longer avoid the issue,
as it is abundantly
clear that the threat is real and the costs of taking such
avoidable risks can be high. A
single security breach is an IG failure and can cost the entire
business. According to
Debra Logan of Gartner, “When organizations suffer high-profi
le data losses, espe-
cially involving violations of the privacy of citizens or
consumers, they suffer serious
reputational damage and often incur fi nes or other sanctions. IT
leaders will have to
take at least part of the blame for these incidents.” 29
Form IG Policies, Then Apply Technology for Enforcement
60. Typically, some policies governing the use and control of
information and records
may have been established for fi nancial and compliance
reports, and perhaps e-mail,
but they are often incomplete and out-of-date and have not been
adjusted for changes
in the business environment, such as new technology platforms
(e.g., Web 2.0, social
IG controls to safeguard confi dential information assets
and protect privacy can-
not rely solely on the trustworthiness of employees and basic
security measures.
THE ONSLAUGHT OF BIG DATA AND THE INFORMATION
GOVERNANCE IMPERATIVE 11
media), changing laws (e.g., U.S. Federal Rules of Civil
Procedure 2006 changes), and
additional regulations.
Further adding to the challenge is the rapid proliferation of
61. mobile devices like
tablets, phablets, and smartphones used in business—
information can be more easily
lost or stolen—so IG efforts must be made to preserve and
protect the enterprise’s
information assets.
Proper IG requires that policies are fl exible enough not to
hinder the proper fl ow
of information in the heat of the business battle yet strict
enough to control and audit
for misuse, policy violations, or security breaches. This is a
continuous iterative policy-
making process that must be monitored and fi ne-tuned. Even
with the absolute best
efforts, some policies will miss the mark and need to be
reviewed and adjusted.
Getting started with IG awareness is the crucial fi rst step. It
may have popped up on an
executive’s radar at one point or another and an effort might
have been made, but many
organizations leave these policies on the shelf and do not revise
them on a regular basis.
62. IG is the necessary underpinning for a legally defensible
disposition program that
discards data debris and helps narrow the search for meaningful
information on which
to base business decisions. IG is also necessary to protect and
preserve critical infor-
mation assets. An IG strategy should aim to minimize exposure
to risk, at a reasonable
cost level, while maximizing productivity and improving the
quality of information
delivered to knowledge users.
But a reactive, tactical project approach is not the way to go
about it—haphazardly t
swatting at technological, legal, and regulatory fl ies. A
proactive, strategic program,
with a clear, accountable sponsor, an ongoing plan, and regular
review process, is the
only way to continuously adjust IG policies to keep them
current so that they best
serve the organization’s needs.
Some organizations have created formal governance bodies to
establish strat-
egies, policies, and procedures surrounding the distribution of
63. information inside
and outside the enterprise. These governance bodies, steering
committees, or teams
should include members from many different functional areas,
since proper IG ne-
cessitates input from a variety of stakeholders. Representatives
from IT, records man-
agement, corporate or agency archiving, risk management,
compliance, operations,
human resources, security, legal, fi nance, and perhaps
knowledge management are
typically a part of IG teams. Often these efforts are jump-started
and organized by
an executive sponsor who utilizes third-party consulting
resources that specialize in
IG efforts, especially considering the newness of IG and its
emerging best practices.
So in this era of ever-growing Big Data, leveraging IG policies
to focus on re-
taining the information that has real business value, while
discarding the majority of
information that has no value and carries associated increased
costs and risks, is criti-
cal to success for modern enterprises. This must be
64. accomplished in a systematic,
consistent, and legally defensible manner by implementing a
formal IG program.
Other crucial elements of an IG program are the steps taken to
secure confi dential
information by enforcing and monitoring policies using the
appropriate information
technologies.
Getting started with IG awareness is the crucial fi rst step.
12 INFORMATION GOVERNANCE
CHAPTER SUMMARY: KEY POINTS
■ The onslaught of Big Data necessitates that IG be
implemented to discard
unneeded data in a legally defensible way.
■ Big Data values massive accumulation of data, whereas in
business, e-discovery
realities and potential legal liabilities dictate that data be culled
to only that
65. which has clear business value.
■ Only about one quarter of the information organizations are
managing has
real business value.
■ With a smaller information footprint, it is easier for
organizations to fi nd the
information they need and derive business value from it.
■ IG is a subset of corporate governance and encompasses the
policies and
leveraged technologies meant to manage what corporate
information is re-
tained, where, and for how long, and also how it is retained.
■ IG is a sort of super discipline that encompasses a variety
of key concepts
from a variety of related and overlapping disciplines.
■ Practicing good IG is the essential foundation for building
legally defensible
disposition practices to discard unneeded information.
■ According to ARMA, IG is “a strategic framework
66. composed of standards,
processes, roles, and metrics that hold organizations and
individuals account-
able to create, organize, secure, maintain, use, and dispose of
information in
ways that align with and contribute to the organization’s goals.”
30
■ IG is how an organization maintains security, complies with
regulations and
laws, and meets ethical standards when managing information.
■ IG is a multidisciplinary program that requires an ongoing
effort and active
participation of a broad cross-section of functional groups and
stakeholders.
■ IG controls to safeguard confi dential information assets
and protect privacy
cannot rely solely on the trustworthiness of employees and basic
security
measures.
■ Getting started with IG awareness is the crucial fi rst step.
67. Notes
1. The Economist, “Data, Data Everywhere,” February 25,
2010, www.economist.com/node/15557443
2. Gartner, Inc., “IT Glossary: Big Data,”
www.gartner.com/it-glossary/big-data/ (accessed April 15,
2013).
3. Webopedia, “Big Data,”
www.webopedia.com/TERM/B/big_data.html (accessed April
15, 2013).
http://www.economist.com/node/15557443
http://www.gartner.com/it-glossary/big-data/
http://www.webopedia.com/TERM/B/big_data.html
THE ONSLAUGHT OF BIG DATA AND THE INFORMATION
GOVERNANCE IMPERATIVE 13
4. World Economic Forum, “Personal Data:The Emergence of
a New Asset Class”(January 2011), http://
www3.weforum.org/docs/WEF_ITTC_PersonalDataNewAsset_R
eport_2011.pdf
5. Deidra Paknad, “Defensible Disposal: You Can’t Keep All
68. Your Data Forever,” July 17, 2012, www
.forbes.com/sites/ciocentral/2012/07/17/defensible-disposal-
you-cant-keep-all-your-data-forever/
6. Susan Karlin, “Earth’s Nervous System: Looking at
Humanity Through Big Data,” www.fastcocreate
.com/1681986/earth-s-nervous-system-looking-at-humanity-
through-big-data#1(accessed March 5,
2013).
7. IDC Press Release, December 18, ,2013,
http://www.idc.com/getdoc.jsp?containerId=prUS24542113
New IDC Worldwide Big Data Technology and Services
Forecast Shows Market Expected to Grow to
$32.4 Billion in 2017
8. Steve Lohr, “How Big Data Became So Big,” New York
Times, August 11, 2012, www.nytimes.
com/2012/08/12/business/how-big-data-became-so-big-
unboxed.html?_r=2&smid=tw-share&
9. Kahn Consulting, “Information Governance Brief,”
sponsored by IBM, www.delve.us/downloads/
Brief-Defensible-Disposal.pdf (accessed March 4, 2013).
69. 10. Barclay T. Blair, “Girding for Battle,” Law Technology
News, October 1, 2012, www.law.com/jsp/lawtech-
nologynews/PubArticleLTN.jsp?id=1202572459732&thepage=1
11. Ibid.
12. Paknad, “Defensible Disposal.”
13. Randolph A. Kahn,
https://twitter.com/InfoParkingLot/status/273791612172259329,
November 28, 2012.
14. Gartner Press Release, “Gartner Says Master Data
Management Is Critical to Achieving Effective
Information Governance,”
www.gartner.com/newsroom/id/1898914, January 19, 2012
15. Ibid.
16. Monica Crocker, e-mail to author, June 21, 2012.
17. Economist Intelligence Unit, “The Future of Information
Governance,” www.emc.com/leadership/
business-view/future-information-governance.htm (accessed
November 14, 2013).
18. ARMA International, Glossary of Records and Information
Management Terms , 4th ed., 2012, TR 22–2012.s
19. Arvind Krishna, “Three Steps to Trusting Your Data in
2011,” IT Business Edge , posted March 9, 2011,
70. www.itbusinessedge.com/guest-opinions/three-steps-trusting-
your-data-2011 . (accessed November
14, 2013).
20. ARMA International, Glossary of Records and Information
Management Terms , 4th ed., 2012, TR 22–2012.s
21. Laura DuBoisand Vivian Tero, “Practical Information
Governance: Balancing Cost, Risk, and Pro-
ductivity,” IDC White Paper (August 2010),
www.emc.com/collateral/analyst-reports/idc-practical-
information-governance-ar.pdf
22. Monica Crocker, e-mail to author, June 21, 2012.
23. Barclay T. Blair, Making the Case for Information
Governance: Ten Reasons IG Makes Sense , ViaLumina
Ltd, 2010. Online at http://barclaytblair.com/making-the-case-
for-ig-ebook/ (accessed November 14,
2013).
24. Barclay T. Blair, “8 Reasons Why Information Governance
(IG) Makes Sense,” June 29, 2009, www.
digitallandfi ll.org/2009/06/8-reasons-why-information-
71. governance-ig-makes-sense.html
25. Peter Abatan, “Corporate and Industrial Espionage to Rise
in 2011,” Enterprise Digital Rights Man-
agement,
http://enterprisedrm.tumblr.com/post/2742811887/corporate-
espionage-to-rise-in-2011 .
(accessed November 14, 2013).
26. BBC News, “FBI Staff Disciplined for Sex Texts and Nude
Pictures,” February 22, 2013, www.bbc.
co.uk/news/world-us-canada-21546135
27. Todd Ackerman, “Laptop Theft Puts Texas Children’s
Patient Info at Risk,” Houston Chronicle , July 30, 2009, e
www.chron.com/news/houston-texas/article/Laptop-theft-puts-
Texas-Children-s-patient-info-1589473.
php . (accessed March 2, 2012).
28. Jonny Greatrex, “Bungling West Midlands Medics Lose
12,000 Private Patient Records,” Sunday Mer-
cury, September 5, 2010,
www.sundaymercury.net/news/sundaymercuryexclusives/2010/0
9/05/bun-
gling-west-midlands-medics-lose-12–000-private-patient-
72. records-66331–27203177/ (accessed March
2, 2012).
29. Gartner Press Release, “Gartner Says Master Data
Management Is Critical to Achieving Effective
Information Governance.”
30. ARMA International, Glossary of Records and Information
Management Terms. s
http://www3.weforum.org/docs/WEF_ITTC_PersonalDataNewA
sset_Report_2011.pdf
http://www3.weforum.org/docs/WEF_ITTC_PersonalDataNewA
sset_Report_2011.pdf
http://www.fastcocreate.com/1681986/earth-s-nervous-system-
looking-at-humanity-through-big-data#1
http://www.idc.com/getdoc.jsp?containerId=prUS24542113
http://www.nytimes.com/2012/08/12/business/how-big-data-
became-so-big-unboxed.html?_r=2&smid=tw-share&
http://www.delve.us/downloads/Brief-Defensible-Disposal.pdf
http://www.law.com/jsp/lawtech-
nologynews/PubArticleLTN.jsp?id=1202572459732&thepage=1
http://www.law.com/jsp/lawtech-
nologynews/PubArticleLTN.jsp?id=1202572459732&thepage=1
http://www.law.com/jsp/lawtech-
75. Information
Governance,
IT Governance, Data
Governance: What’s
the Difference?
C H A P T E R 2
T
here has been a great deal of confusion around the term
information gover-
nance (IG) and how it is distinct from other similar industry
terms, such as
information technology (IT) governance and data governance .
They are all
a subset of corporate governance, and in the above sequence,
become increasingly
more granular in their approach. Data governance is a part of
broader IT governance,
which is also a part of even broader information governance.
The few texts that exist
have compounded the confusion by offering a limited defi nition
of IG, or sometimes
76. offering a defi nition of IG that is just plain incorrect , often
confusing it with simple datat
governance.
So in this chapter we spell out the differences and include
examples in hopes of
clarifying what the meaning of each term is and how they are
related.
Data Governance
Data governance involves processes and controls to ensure that
information at the data
level—raw alphanumeric characters that the organization is
gathering and inputting—
is true and accurate, and unique (not redundant). It involves
data cleansing ( or data
scrubbing) to strip out corrupted, inaccurate, or extraneous data
and gg de-duplication,
to eliminate redundant occurrences of data.
Data governance focuses on information quality from the
ground up at the lowest
or root level, so that subsequent reports, analyses, and
conclusions are based on clean,
77. reliable, trusted data (or records) in database tables. Data
governance is the most rudi-
mentary level at which to implement information governance.
Data governance efforts
seek to ensure that formal management controls—systems,
processes, and accountable
employees who are stewards and custodians of the data—are
implemented to govern
critical data assets to improve data quality and to avoid negative
downstream effects of
poor data. The biggest negative consequence of poor or
inaccurate data is poorly and
inaccurately based decisions.
16 INFORMATION GOVERNANCE
Data governance is a newer, hybrid quality control discipline
that includes
elements of data quality, data management, IG policy
development, business process
improvement, and compliance and risk management.
Data Governance Strategy Tips
78. Everyone in an organization wants good-quality data to work
with. But it is not so
easy to implement a data governance program. First of all, data
is at such a low level
that executives and board members are typically unaware of the
details of the “smoky
back room” of data collection: cleansing, normalization, and
input. So it is diffi cult to
gain an executive sponsor and funding to initiate the effort. 1
And if a data governance
program does move forward, there are challenges in getting
business users to adhere
to new policies. This is a crucial point, since much of the data
is being generated by
business units. But there are some general guidelines that can
help improve a data
governance program’s chances for success:
■ Identify a measureable impact. A data governance program
must be able to dem-
onstrate business value, or it will not get the executive
sponsorship and funding
it needs to move forward. A readiness assessment should
capture the current
79. state of data quality and whether an enterprise or business unit
level effort
is warranted. Other key issues include: Can the organization
save hard costs
by implementing data governance? Can it reach more customers
or increase
revenue generated from existing customers?2
■ Assign accountability for data quality to business units, not
IT. Typically, IT has had
responsibility for data quality, yet it is mostly not under that
department’s con-
trol, since most of the data is being generated in the business
units. A pointed
effort must be made to push responsibility and ownership for
data to the busi-
ness units that create and use the data.
■ Recognize the uniqueness of data as an asset. Unlike other
assets, such as people,
factories, equipment, and even cash, data is largely unseen, out
of sight, and
intangible. It changes daily. It spreads throughout business
units. It is copied
and deleted. Data growth can spiral out of control, obscuring
80. the data that has
true business value. So data has to be treated differently, and its
unique qualities
must be considered.
■ Forget the past; implement a going-forward strategy. It is a
signifi cantly greater
task to try to improve data governance across the enterprise for
existing data.
Remember, you may be trying to fi x decades of bad behavior,
mismanagement,
and lack of governance. Taking an incremental approach with an
eye to the
future provides for a clean starting point and can substantially
reduce the pain
required to implement. A proven best practice is to implement a
from-this-
point-on strategy where new data governance policies for
handling data are
implemented beginning on a certain date.
Data governance uses techniques like data cleansing and de-
duplication to
improve data quality and reduce redundancies.
81. INFORMATION GOVERNANCE, IT GOVERNANCE, DATA
GOVERNANCE 17
Good data governance ensures that downstream negative
effects of poor data
are avoided and that subsequent reports, analyses, and
conclusions are based
on reliable, trusted data.
■ Manage the change. Educate, educate, educate. People must
be trained to under-
stand why the data governance program is being implemented
and how it will
benefi t the business. The new policies represent a cultural
change, and people
need supportive program messages and training in order to make
the shift. 3
IT Governance
IT governance is the primary way that stakeholders can ensure
that investments in IT create
business value and contribute toward meeting business
82. objectives.4 This strategic align-
ment of IT with the business is challenging yet essential. IT
governance programs
go further and aim to “improve IT performance, deliver
optimum business value and
ensure regulatory compliance.” 5
Although the CIO typically has line responsibility for
implementing IT gover-
nance, the CEO and board of directors must receive reports and
updates to discharge
their responsibilities for IT governance and to see that the
program is functioning well
and providing business benefi ts.
Typically, in past decades, board members did not get involved
in overseeing IT
governance. But today it is a critical and unavoidable
responsibility. According to the
IT Governance Institute’s Board Briefi ng on IT Governance ,
“IT governance is the re-
sponsibility of the board of directors and executive
management. It is an integral part
of enterprise governance and consists of the leadership and
organizational structures
83. and processes that ensure that the organization’s IT sustains and
extends the organiza-
tion’s strategies and objectives.” 6
The focus is on the actual software development and
maintenance activities of the
IT department or function, and IT governance efforts focus on
making IT effi cient
and effective. That means minimizing costs by following proven
software develop-
ment methodologies and best practices, principles of data
governance and information
quality, and project management best practices while aligning
IT efforts with the busi-
ness objectives of the organization.
IT Governance Frameworks
Several IT governance frameworks can be used as a guide to
implementing an IT
governance program. (They are introduced in this chapter in a
cursory way; detailed
discussions of them are best suited to books focused solely on
IT governance.)
84. IT governance seeks to align business objectives with IT
strategy to deliver
business value.
18 INFORMATION GOVERNANCE
Although frameworks and guidance like CobiT® and ITIL
have been widely
adopted, there is no absolute standard IT governance
framework; the combination
that works best for an organization depends on business factors,
corporate culture, IT
maturity, and staffi ng capability. The level of implementation
of these frameworks will
also vary by organization.
CobiT®
CobiT (Control Objectives for Information and related
Technology) is a process-T
based IT governance framework that represents a consensus of
experts worldwide.
Codeveloped by the IT Governance Institute and ISACA
(previously known as the
85. Information Systems Audit and Control Association), CobiT
addresses business
risks, control requirements, compliance, and technical issues. 7
CobiT offers IT controls that:
■ Cut IT risks while gaining business value from IT under an
umbrella of a glob-
ally accepted framework.
■ Assist in meeting regulatory compliance requirements.
■ Utilize a structured approach for improved reporting and
management deci-
sion making.
■ Provide solutions to control assessments and project
implementations to im-
prove IT and information asset control. 8
CobiT consists of detailed descriptions of processes required in
IT and also tools
to measure progress toward maturity of the IT governance
program. It is industry
agnostic and can be applied across all vertical industry sectors,
86. and it continues to be
revised and refi ned. 9
CobiT is broken out into three basic organizational levels and
their responsibili-
ties: (1) board of directors and executive management; (2) IT
and business manage-
ment; and (3) line-level governance, and security and control
knowledge workers. 10
The CobiT model draws on the traditional “plan, build, run,
monitor” paradigm of
traditional IT management, only with variations in semantics.
The CobiT framework
is divided into four IT domains—(1) plan and organize, (2)
acquire and implement, (3)
deliver and support, and (4) monitor and evaluate—which
contain 34 IT processes and
210 control objectives. Specifi c goals and metrics are assigned,
and responsibilities and
accountabilities are delineated.
The CobiT framework maps to the international information
security standard,
ISO 17799, and is also compatible with IT Infrastructure
87. Library (ITIL) and other y
“accepted practices” in IT development and operations.11
ValIT®
ValIT is a newer value-oriented framework that is compatible
with and complemen-
tary to CobiT. Its principles and best practices focus is on
leveraging IT investments
to gain maximum value. Forty key ValIT essential management
practices (analogous to
CobiT’s control objectives) support three main processes: value
governance, portfolio
management, and investment management. ValIT and CobiT
“provide a full frame-
work and supporting tool set” to help managers develop policies
to manage business
risks and deliver business value while addressing technical
issues and meeting control
objectives in a structured, methodic way. 12
INFORMATION GOVERNANCE, IT GOVERNANCE, DATA
GOVERNANCE 19
88. ITIL
ITIL (Information Technology Infrastructure Library) is a set
of process-oriented
best practices and guidance originally developed in the United
Kingdom to standard-
ize delivery of IT service management. ITIL is applicable to
both the private and
public sectors and is the “most widely accepted approach to IT
service management
in the world.”13 As with other IT governance frameworks,
ITIL provides essential
guidance for delivering business value through IT, and it
“provides guidance to or-
ganizations on how to use IT as a tool to facilitate
business change, transformation
and growth.”14
ITIL best practices form the foundation for ISO/IEC 20000
(previously BS15000),
the International Service Management Standard for
organizational certifi cation and
compliance. 15 ITIL 2011 is the latest revision (as of this
printing), and it consists of fi ve
core published volumes that map the IT service cycle in a
systematic way:
89. 1. ITIL Service Strategy
2. ITIL Service Design
3. ITIL Service Transition
4. ITIL Service Operation
5. ITIL Continual Service Improvement 16
ISO 38500
ISO/IEC 38500:2008 is an international standard that provides
high-level principles
and guidance for senior executives and directors, and those
advising them, for the
effective and effi cient use of IT. 17 Based primarily on AS
8015, the Australian IT gov-
ernance standard, it “applies to the governance of management
processes” that are
performed at the IT service level, but the guidance assists
executives in monitoring IT
and ethically discharging their duties with respect to legal and
regulatory compliance
of IT activities.
The ISO 38500 standard comprises three main sections:
1. Scope, Application and Objectives
90. 2. Framework for Good Corporate Governance of IT
3. Guidance for Corporate Governance of IT
CobiT is process-oriented and has been widely adopted as an
IT governance
framework. ValIT is value-oriented and compatible and
complementary with
CobiT, yet focuses on value delivery.
ITIL is the “most widely accepted approach to IT service
management in the
world.”
20 INFORMATION GOVERNANCE
It is largely derived from AS 8015, the guiding principles of
which were:
■ Establish responsibilities
■ Plan to best support the organization
■ Acquire validly
■ Ensure performance when required
■ Ensure conformance with rules
91. ■ Ensure respect for human factors
The standard also has relationships with other major ISO
standards, and embraces
the same methods and approaches. 18
Information Governance
Corporate governance is the highest level of governance in an
organization, and a
key aspect of it is IG. IG processes are higher level than the
details of IT governance
and much higher than data governance, but both data and IT
governance can be (and
should be) a part of an overall IG program. The IG approach to
governance focuses
not on detailed IT or data capture and quality processes but
rather on controlling the
information that is generated by IT and offi ce systems. d
IG efforts seek to manage and control information assets to
lower risk, ensure com-
pliance with regulations, and improve information quality and
accessibility while imple-
menting information security measures to protect and preserve
92. information that has busi-
ness value.19 (See Chapter 1 for more detailed defi nitions.)
Impact of a Successful IG Program
When making the business case for IG and articulating its
benefi ts, it is useful to focus
on its central impact. Putting cost-benefi t numbers to this may
be diffi cult, unless you
ISO 38500 is an international standard that provides high-
level principles and
guidance for senior executives and directors responsible for IT
governance.
IG is how an organization maintains security, complies with
regulations and
laws, and meets ethical standards when managing information.
INFORMATION GOVERNANCE, IT GOVERNANCE, DATA
GOVERNANCE 21
also consider the worst-case scenario of loss or misuse of
93. corporate or agency records.
What is losing the next big lawsuit worth? How much are confi
dential merger and
acquisition documents worth? How much are customer records
worth? Frequently,
executives and managers do not understand the value of IG until
it is a crisis, an ex-
pensive legal battle is lost, heavy fi nes are imposed for
noncompliance, or executives
go to jail.
There are some key outputs from implementing an IG program.
A successful IG
program should enable organizations to:
■ Use common terms across the enterprise. This means that
departments must agree
on how they are going to classify document types, which
requires a cross-
functional effort. With common enterprise terms, searches for
information
are more productive and complete. This normalization process
begins with
developing a standardized corporate taxonomy, which defi nes
the terms (and
94. substitute terms in a custom corporate thesaurus), document
types, and their
relationships in a hierarchy.
■ Map information creation and usage. This effort can be
buttressed with the use of
technology tools such as data loss prevention , which can be
used to discover
the fl ow of information within and outside of the enterprise.
You must fi rst
determine who is accessing which information when and
where it is going. Then
you can monitor and analyze these information fl ows. The goal
is to stop the
erosion or misuse of information assets and to stem data
breaches with moni-
toring and security technology.
■ Obtain “information confi dence” —that is, the assurance
that information has ”
integrity, validity, accuracy, and quality; this means being able
to prove that the
information is reliable and that its access, use, and storage meet
compliance and
legal demands.
95. ■ Harvest and leverage information. Using techniques and
tools like data min-
ing and business intelligence, new insights may be gained that
provide an
enterprise with a sustainable competitive advantage over the
long term,
since managers will have more and better information as a basis
for busi-
ness decisions.21
Summing Up the Differences
IG consists of the overarching polices and processes to
optimize and leverage informa-
tion while keeping it secure and meeting legal and privacy
obligations in alignment
with stated organizational business objectives.
IT governance consists of following established frameworks
and best practices to
gain the most leverage and benefi t out of IT investments and
support accomplishment
of business objectives.
96. Data governance consists of the processes, methods, and
techniques to ensure that
data is of high quality, reliable, and unique (not duplicated), so
that downstream uses
in reports and databases are more trusted and accurate.
22 INFORMATION GOVERNANCE
Notes
1. “New Trends and Best Practices for Data Governance
Success,” SeachDataManagement.com eBook,
http://viewer.media.bitpipe.com/1216309501_94/1288990195_9
46/Talend_sDM_SO_32247_EB-
ook_1104.pdf, accessed March 11, 2013.
2. Ibid.
3. Ibid.
4. M.N. Kooper, R. Maes, and E.E.O. RoosLindgreen, “On
the Governance of Information: Introducing
a New Concept of Governance to Support the Management of
Information,” International Journal of
97. Information Management 31 (2011): 195–120,
http://dl.acm.org/citation.cfm?id=2297895 . (accessed t
November 14, 2013).
5. Nick Robinson, “The Many Faces of IT Governance:
Crafting an IT Governance Architecture,”
ISACA Journal 1 (2007), www.isaca.org/Journal/Past-
Issues/2007/Volume-1/Pages/The-Many-Faces-l
of-IT-Governance-Crafting-an-IT-Governance-Architecture.aspx
6. Bryn Phillips, “IT Governance for CEOs and Members of
the Board,” 2012, p.18.
7. Ibid., p.26.
8. IBM Global Business Services/Public Sector, “Control
Objectives for Information and related Tech-
nology (CobiT®) Internationally Accepted Gold Standard for IT
Controls & Governance,” http://
www-304.ibm.com/industries/publicsector/fi
leserve?contentid=187551(accessed March 11, 2013).
CHAPTER SUMMARY: KEY POINTS
■ Data governance uses techniques like data cleansing and
de-duplication to
98. improve data quality and reduce redundancies.
■ Good data governance ensures that downstream negative
effects of poor
data are avoided and that subsequent reports, analyses, and
conclusions are
based on reliable, trusted data.
■ IT governance seeks to align business objectives with IT
strategy to deliver
business value.
■ CobiT is processoriented and has been widely adopted as an
IT governance
framework. ValIT is valueoriented and compatible and
complementary with
CobiT yet focuses on value delivery.
■ The CobiT framework maps to the international information
security stan-
dard ISO 17799 and is also compatible with ITIL (IT
Infrastructure Library).
■ ITIL is the “most widely accepted approach to IT service
management in the
99. world.”
■ ISO 38500 is an international standard that provides high-
level principles and
guidance for senior executives and directors responsible for IT
governance.
■ Information governance is how an organization maintains
security, complies
with regulations and laws, and meets ethical standards when
managing
information.
http://viewer.media.bitpipe.com/1216309501_94/1288990195_9
46/Talend_sDM_SO_32247_EB-ook_1104.pdf
http://viewer.media.bitpipe.com/1216309501_94/1288990195_9
46/Talend_sDM_SO_32247_EB-ook_1104.pdf
http://viewer.media.bitpipe.com/1216309501_94/1288990195_9
46/Talend_sDM_SO_32247_EB-ook_1104.pdf
http://dl.acm.org/citation.cfm?id=2297895
http://www.isaca.org/Journal/Past-Issues/2007/Volume-
1/Pages/The-Many-Faces-of-IT-Governance-Crafting-an-IT-
Governance-Architecture.aspx
http://www.isaca.org/Journal/Past-Issues/2007/Volume-
1/Pages/The-Many-Faces-of-IT-Governance-Crafting-an-IT-
101. 14. ITIL, “What Is ITIL?” www.itil-offi
cialsite.com/AboutITIL/WhatisITIL.aspx(accessed March 12,
2013).
15. Ibid.
16. Ibid.
17. “ISO/IEC 38500:2008 “Corporate Governance of
Information Technology” www.iso.org/iso/
catalogue_detail?csnumber=51639(accessed November 14,
2013).
18. ISO 38500 www.38500.org/ (accessed March 12, 2013).
19. www.naa.gov.au/records-
management/agency/digital/digital-continuity/principles/
(accessed November 14,
2013).
20. ARMA International, Glossary of Records and
Information Management Terms , 4th ed. TR 22–2012 (from s
ARMA.org).
21. Arvind Krishna, “Three Steps to Trusting Your Data in
2011,” CTO Edge , March 9, 2011, www.ctoedge
.com/content/three-steps-trusting-your-data-2011
103. expanding. Successful
IG programs are characterized by ten key principles, which are
the basis for best
practices and should be designed into the IG approach. They
include:
1. Executive sponsorship. No IG effort will survive and be
successful if it does not
have an accountable, responsible executive sponsor. The
sponsor must drive
the effort, clear obstacles for the IG team or committee,
communicate the
goals and business objectives that the IG program addresses,
and keep upper
management informed on progress.
2. Information policy development and communication. Clear
policies must be es-
tablished for the access and use of information, and those
policies must be
communicated regularly and crisply to employees. Policies for
the use of e-
mail, instant messaging, social media, cloud computing, mobile
computing,
and posting to blogs and internal sites must be developed in
104. consultation
with stakeholders and communicated clearly. This includes
letting employees
know what the consequences of violating IG policies are, as
well as its value.
3. Information integrity. This area considers the consistency
of methods used to
create, retain, preserve, distribute, and track information.
Adhering to good
IG practices include data governance techniques and
technologies to ensure
quality data. Information integrity means there is the assurance
that informa-
tion is accurate, correct, and authentic. IG efforts to improve
data quality
and information integrity include de-duplicating (removing
redundant data)
and maintaining only unique data to reduce risk, storage costs,
and informa-
tion technology (IT) labor costs while providing accurate,
trusted information
for decision makers. Supporting technologies must enforce
policies to meet
legal standards of admissibility and preserve the integrity of
106. reports) and
records should be retained and how they are to be disposed of or
archived.
Information, and particularly documents, should be classifi ed
according to a
global or corporate taxonomy that considers the business
function and owner
of the information, and semantically links related information.
Information
must be standardized in form and format. Tools such as
document labeling
can assist in identifying and classifying documents. Metadata
associated with
documents and records must be standardized and kept up-to-
date. Good IG
means good metadata management and utilizing metadata
standards that are
appropriate to the organization.
5. Information security. This means securing information in
its three states: at rest,
in motion, and in use. It means implementing measures to
protect information
from damage, theft, or alteration by malicious outsiders and
insiders as well
107. as nonmalicious (accidental) actions that may compromise
information. For
instance, an employee may lose a laptop with confi dential
information, but
if proper IG policies are enforced using security-related
information tech-
nologies, the information can be secured. This can be done by
access control
methods, data or document encryption, deploying information
rights manage-
ment software, using remote digital shredding capabilities, and
implement-
ing enhanced auditing procedures. Information privacy is
closely related to
information security and is critical when dealing with
personally identifi able
information (PII).n
6. Information accessibility. Accessibility is vital not only in
the short term but also
over time using long-term digital preservation (LTDP)
techniques when
appropriate (generally if information is needed for over fi ve
years). Accessibil-
ity must be balanced with information security concerns.
108. Information acces-
sibility includes making the information as simple as possible to
locate and
access, which involves not only the user interface but also
enterprise search
principles, technologies, and tools. It also includes basic access
controls, such
as password management, identity and access management , and
delivering t
information to a variety of hardware devices.
7. Information control. Document management and report
management software
must be deployed to control the access to, creation, updating,
and printing
of documents and reports. When documents or reports are
declared records,
they must be assigned to the proper retention and disposition
schedule to be
retained for as long as the records are needed to comply with
legal retention
periods and regulatory requirements. Also, information that may
be needed or
requested in legal proceedings is safeguarded through a legal
hold process.
109. 8. Information governance monitoring and auditing. To
ensure that guidelines and
policies are being followed and to measure employee
compliance levels, in-
formation access and use must be monitored. To guard against
claims of spo-
liation, use of e-mail, social media, cloud computing, and report
generation
should be logged in real time and maintained as an audit record.
Technology
tools such as document analytics can track how many
documents or reports
users access and print and how long they spend doing so.
9. Stakeholder consultation. Those who work most closely to
information are the
ones who best know why it is needed and how to manage it, so
business units
must be consulted in IG policy development. The IT department
understands
INFORMATION GOVERNANCE PRINCIPLES 27
110. its capabilities and technology plans and can best speak to those
points. Le-
gal issues must always be deferred to the in-house council or
legal team. A
cross-functional collaboration is needed for IG policies to hit
the mark and
be effective. The result is not only more secure information but
also better
information to base decisions on and closer adherence to
regulatory and legal
demands. 2
10. Continuous improvement. IG programs are not one-time
projects but rather
ongoing programs that must be reviewed periodically and
adjusted to account
for gaps or shortcomings as well as changes in the business
environment, tech-
nology usage, or business strategy.
Accountability Is Key
According to Debra Logan at Gartner Group, none of the
proffered defi nitions of IG in-
111. cludes “any notion of coercion, but rather ties governance to
accountability [emphasis added]
that is designed to encourage the right behavior. . . . The word
that matters most is
accountability .” The root of many problems with managing
information is the “fact that
there is no accountability for information as such.” 3
Establishing policies, procedures, processes, and controls to
ensure the quality, in-
tegrity, accuracy, and security of business records are the
fundamental steps needed to
reduce the organization’s risk and cost structure for managing
these records. Then it is
essential that IG efforts are supported by IT. The auditing,
testing, maintenance, and im-
provement of IG is enhanced by using electronic records
management (ERM) software
along with other complementary technology sets, such as workfl
ow and business process
management suite (BPMS) software and digital signatures.
Generally Accepted Recordkeeping Principles ®
Contributed by Charmaine Brooks, CRM
112. A major part of an IG program is managing formal business
records. Although they
account for only about 7 to 9 percent of the total information
that an organization
holds, they are the most critically important subset to manage,
as there are serious
compliance and legal ramifi cations to not doing so.
Principles of successful IG programs are emerging. They
include executive
sponsorship, information classifi cation, integrity, security,
accessibility, control,
monitoring, auditing, policy development, and continuous
improvement.
Accountability is a key aspect of IG.
28 INFORMATION GOVERNANCE
Records and recordkeeping are inextricably linked with any
organized business
activity. Through the information that an organization uses and
records, creates, or
113. receives in the normal course of business, it knows what has
been done and by whom.
This allows the organization to effectively demonstrate
compliance with applicable
standards, laws, and regulations as well as plan what it will do
in the future to meet its
mission and strategic objectives.
Standards and principles of recordkeeping have been developed
by records and
information management (RIM) practitioners to establish
benchmarks for how or-t
ganizations of all types and sizes can build and sustain
compliant, defensible records
management (RM) programs. t
The Principles
In 2009 ARMA International published a set of eight Generally
Accepted Recordkeep-
ing Principles,® known as The Principles 4 (or sometimes
GAR Principles), to foster
awareness of good recordkeeping practices. These principles
and associated metrics
provide an IG framework that can support continuous
114. improvement.
The eight Generally Accepted Recordkeeping Principles are:
1. Accountability. A senior executive (or person of
comparable authority) oversees
the recordkeeping program and delegates program responsibility
to appro-
priate individuals. The organization adopts policies and
procedures to guide
personnel, and ensure the program can be audited.
2. Transparency. The processes and activities of an
organization’s recordkeeping
program are documented in a manner that is open and verifi able
and is avail-
able to all personnel and appropriate interested parties.
3. Integrity. A recordkeeping program shall be constructed so
the records and
information generated or managed by or for the organization
have a reason-
able and suitable guarantee of authenticity and reliability.
4. Protection. A recordkeeping program shall be constructed
115. to ensure a reason-
able level of protection to records and information that are
private, confi den-
tial, privileged, secret, or essential to business continuity.
5. Compliance. The recordkeeping program shall be
constructed to comply with ap-
plicable laws and other binding authorities, as well as the
organization’s policies.
6. Availability. An organization shall maintain records in a
manner that ensures
timely, effi cient, and accurate retrieval of needed information.
7. Retention. An organization shall maintain its records and
information for an
appropriate time, taking into account legal, regulatory, fi scal,
operational, and
historical requirements.
8. Disposition. An organization shall provide secure and
appropriate disposition
for records that are no longer required to be maintained by
applicable laws
and the organization’s policies. 5
116. The Generally Accepted Recordkeeping Principles consist of
eight principles
that provide an IG framework that can support continuous
improvement.
INFORMATION GOVERNANCE PRINCIPLES 29
The Principles apply to all sizes of organizations, in all types
of industries, in both
the private and public sectors, and can be used to establish
consistent practices across
business units. The Principles are an IG maturity model, and it
is used as a preliminary
evaluation of recordkeeping programs and practices.
Interest in and the application of The Principles for assessing
an organization’s
recordkeeping practices have steadily increased since their
establishment in 2009. The
Principles form an accountability framework that includes the
processes, roles, stan-
dards, and metrics that ensure the effective and effi cient use of
117. records and informa-
tion in support of an organization’s goals and business
objectives.
As shown in Table 3.1 , the Generally Accepted
Recordkeeping Principles matu-
rity model associates characteristics that are typical in fi ve
levels of recordkeeping
capabilities ranging from 1 (substandard) to 5
(transformational). The levels are both
descriptive and color coded for ease of understanding. The eight
principles and levels
(metrics) are applied to the current state of an organization’s
recordkeeping capabili-
ties and can be cross-referenced to the policies and procedures.
While it is not unusual
for an organization to be at different levels of maturity in the
eight principles, the question
“How good is good enough?” must be raised and answered ; a
rating of less than “transforma-d
tional” may be acceptable, depending on the organization’s
tolerance for risk and an
analysis of the costs and benefi ts of moving up each level.
The maturity levels defi ne the characteristics of evolving and