This Paragon Perspective was originally featured in August 2016 by Document Strategy.
With the rapid growth of digital content, ever-changing compliance regulations, evolving rulings on legal e-discovery, and the persistence of a “keep everything” culture, few organizations are prepared to meet current threats head on.
- Businesses are under extreme pressure to evolve their business models as part of an enterprise-wide digital transformation that includes automating manual processes and increasing collaborative capabilities—all while balancing the cost of compliance and control mechanisms.
- Additionally, today’s firms need help in optimizing their data, document, and records management processes, enabling fast retrieval for only those customers that have a legitimate right to use the information while also protecting documents from breaches and improper use.
- With the realities of impending litigation and fines for non-compliance, organizations are forced to become more aware of the business risks associated with poor information governance, records, and document management and assure information is identified, classified, and managed throughout its life cycle.
- Technology obsolescence and the breadth of cloud services drive the need for information technology (IT) platform consolidation, system retirement, and application decommissioning and, in turn, the need for digital archiving services, which enable the benefits that consolidation and decommissioning affords.
The result? The need to control the hemorrhaging that results from poor information governance (IG) and document management is only increasing for today's digital enterprises.
What is information governance?
Information is an important business asset generated and managed across all functions of an organization. IG should work at the enterprise level in order to support the current and future business, legal, and regulatory requirements for information management.
IG means different things to different organizations but may be loosely defined as transparent and defensible control over data, information, and records throughout their life cycle, from creation to disposition, and is applicable whether the information becomes an official record or not. Often, these controls require bringing together people, processes, and policies and procedures, as well as technology.
Classification, data mapping, metadata management, and, in some cases, long-term digital preservation must all be taken into account.
- People: IG requires an executive leader or leaders that are accountable for the management of information assets, assuring that business owners of information understand their accountability for information through its life cycle. They understand the need for and establish controls.
- Policy, processes, and procedure: These are the tools used to demonstrate control over information, whether data, documents, or records. Each type of information must have a retention period defined and a business process to control the information through its life cycle and, of course, through any workflows as well.
- Technology: Infrastructure, applications, and tools are used to enable the controls that are needed to govern information. Technological tools can include retention schedule tools, document and records management platforms, ontologies, master data management, and archives.
- Loss of information control: While there is an ever-increasing number of electronic applications generating and carrying information and data across organizations, there still exists large amounts of paper records. When this is combined with electronic data, it demonstrates how enterprise information grows at an explosive rate.
Unfortunately, faced with escalating volumes of information, many organizations don’t know what to do with these large volumes of documents, records, and data, which, many times, are duplicated, out of date, inaccurate, or disconnected from current enterprise initiatives.
Classification, data mapping, metadata management, and, in some cases, long-term digital preservation must all be taken into account in order to locate, access, assess, analyze, and preserve stored information according to its retention period. Strategies must be employed to work against the backlog of information as well as to curb the proliferation of data, documents, and duplicates in the future—a two-pronged approach.
Managing key data is about taking control in a way that derives benefits and enables digital transformation in the process.
There is an increasing amount of big data as a proportion of the enterprise information that must be governed and managed to provide value through analytics and gain a competitive advantage. Coordination among the facets of IG allows an enterprise to make effective use of all of its information, regardless of ownership and stage of information life cycle.
This is particularly important in this era of "Big Data," where data retention policies may enable keeping data longer in order to maximize the extraction of new insights, gain new operating efficiencies, or drive new revenue streams. The value proposition is achieved only when the data is successfully identified, classified, and managed in such that it can be integrated with systems that enable the derivation of new insights.
Litigation and increasing disciplinary action and fines for compliance failures have forced organizations to be more proactive but, at the same time, cautious when dealing with the business risks associated with poor recordkeeping and information management. It is important to understand how to weigh retention risks across data and records and assure controls are in place based on the value the information provides to the enterprise.
When it comes to document management in the digital age, there are four points to keep in mind.
Risk mitigation: Avoid non-compliance and reduce the likelihood of litigation and penalties based on negligent information and recordkeeping practices. Data privacy and security is of paramount importance when firms begin to collect, store, analyze, and use information about the habits and routine behaviors of internal and external customers.
Storage and disposal control: Containment of the costs of storage and disposal is critical, whether considering physical or electronic records. Any strategy must define the types of information collected, the purpose for use, length of retention, and when and how defensible disposal will be carried out in line with corporate retention policies and schedules.
Efficient search: Reduce discovery, search, and retrieval costs by minimizing the volume of material to be searched while maximizing the efficacy of searches across all record types and formats. Collecting information on what records internal and external customers need will enable the analysis required to optimize processes and deliver higher value and additional services.
Enterprise classification and indexing: Collection alone is not good enough—the infrastructure and indexing capabilities must be in place to both leverage and control the information effectively. Efficient indexing depends on strong classification capabilities comprised of enterprise metadata standards, taxonomies, ontologies, and integration at both platform and application levels.
At this time, there is a transformation impacting business decisions, strategies, and growth—a digital transformation that is targeting the way enterprises manage information, including documents, data, and records.