The role of the Chief Information Governance Officer (CIGO) is not a one size fits all solution and some responsibilities will vary depending on factors such as the amount of litigation and regulations in an industry, company size and location, and maturity of the enterprise’s Information Governance (IG) program.
Still, the CIGO is a leader - owner of an enterprise's information problem.
The CIGO role could even be taken by others in the C-suite as long as the position is filled by a senior executive with the proper experience who is willing to take on the responsibilities of information leadership, coordinate information amongst key stakeholders, and make decisions based on understanding the potential value and risks of information.
Here's 8 ways a CIGO protects enterprise information governance!
- Authority To Mandate: The CIGO has the authority and mandate to lead information related activities. This includes the development, implementation, facilitation, and improvement of the IG program and advocating for information needs on behalf of all relevant stakeholders.
- Strategic Thinking: The CIGO enables long and short term business strategies and decisions to balance and prioritize the costs, risks, benefits, and value of information assets - managing all information, and determining how to gain maximum value from information while reducing risk exposure.
- Policy & Procedure Expertise: The CIGO is accountable for the policies and procedures of how the organization creates, uses, stores, identifies, classifies, maintains, secures, releases, acquires, preserves, retains, and disposes structured and unstructured information.
- The Ultimate Collaborator: Information Governance brings together the functional areas of IG such as IT, Legal, Records & Information Management, Privacy, Information Security, and Compliance which often intersect. The CIGO is the person who ensures the facets of IG across an enterprise are coordinated and working together by fostering communication between stakeholders to achieve the common goal of gaining value from information while also balancing risk. These IG facets must collaborate to avoid data bloat, compliance risks, and operational inefficiencies that waste time, resources, and money.
- Did Someone Say ... Compliance? The CIGO ensures that the company's IG policies and procedures comply with laws and industry regulations. Compliance also includes employee training to make sure that they follow and are knowledgeable of the procedures and policies laid out by the enterprise IG program.
- Dark Data Warrior: The CIGO oversees content/document/records management systems in tandem with IT. This includes working with department leaders to ensure that all functional information systems conform to defined IG program standards, defining information lifecycle requirements for the retention and disposition of information in all repositories, participates in requirements definition, vendor evaluation, and system selection efforts so that new systems comply with IG program standards, bring order to unassessed “dark” data, and expunge non-critical data past its retention period.
- Audit Baseline Creator: The goal of auditing and analyzing your records is to allow you to establish and enforce consistent policies and management across all records, whether they are paper or electronic. Achieving this consistency is critical to meeting e-discovery and compliance requirements, enabling the organization to find the records it needs in a timely manner and applying defensible retention rules enterprise-wide. The CIGO is the ultimate audit baseline creator. See 7 Reasons Data Integrity Audits Advance Records Management.
- Social Media Conscience: Today, digital enterprises must govern and manage all their information, including social media, in compliance with business requirements, laws, and regulations. Retaining records of social media activities is just as important as maintaining records of any business decision regardless of format - paper, e-mails, Word documents and much more. The CIGO embraces social media.
The need to control the hemorrhaging that results from poor information governance and records management is only increasing for today's digital enterprises - as even a modest review of current news of the day will demonstrate. With the realities of litigation and fines for non-compliance, organizations are forced to be more proactive and cautionary of the business risks associated with poor information management and records keeping. Welcome to the age of the CIGO.