Before discussing the role of the Chief Information Governance Officer we must first define Information Governance.
According to Gartner, Information Governance is “the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information. It includes the processes, roles and policies, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.”
Information Governance (IG) goes beyond traditional records management by incorporating Legal, IT, Information Security, Privacy, Compliance, Risk Management, eDiscovery, Master Data Management, Archiving, etc. to manage information at the enterprise level in order to support current and future business, legal, and regulatory requirements.
Good Information Governance needs a leader who can own the information problem, coordinate information-related functions, and balance and prioritize the costs and value of information.
Enter the Chief Information Governance Officer (CIGO), a senior executive who oversees gaining value and reducing risks of information across an organization. The position is an evolving new concept, developed by the Information Governance Initiative’s first CIGO summit in May 2015.
The responsibilities of the Chief Information Governance Officer include:
Direction & Management: The CIGO has the authority and mandate to lead information related activities. This includes the development, implementation, facilitation, and improvement of the IG program and advocating for information needs on behalf of all relevant stakeholders.
Strategic Planning: The CIGO enables long and short term business strategies and decisions to balance and prioritize the costs, risks, benefits, and value of information assets. Strategic planning includes addressing any missing or underdeveloped facets of the IG program, managing all of an organization’s information, and determining how to gain maximum value from information (e.g., data analytics for better-targeted marketing) while reducing exposure to its associated risks (e.g., lawsuits). The CIGO spots information opportunities and risks that nobody else can identify and assess and incorporates them into the organization’s IG strategy.
Policies, Procedures, and Programs: The CIGO is accountable for the policies and procedures of how the organization creates, uses, stores, identifies, classifies, maintains, secures, releases, acquires, preserves, retains, and disposes structured and unstructured information. The CIGO also leads and oversees programs that support IG efforts such as Records & Information Management. This all must be done on a discrete budget while addressing any holes in policy as they come up.
Collaboration & Communication: Information Governance brings together the functional areas of Information Governance (IG) such as IT, Legal, Records & Information Management, Privacy, Information Security, and Compliance which often intersect. The CIGO is the person who ensures the facets of IG across an enterprise are coordinated and working together by fostering communication between stakeholders to achieve the common goal of gaining value from information while also balancing risk. These IG facets must collaborate to avoid data bloat, compliance risks, and operational inefficiencies that waste time, resources, and money.
Compliance: The CIGO ensures that the company's IG policies and procedures comply with laws and industry regulations. Compliance also includes employee training to make sure that they follow and are knowledgeable of the procedures and policies laid out by the enterprise IG program.
Data and Information Systems: The CIGO oversees content/document/records management systems in tandem with IT. This includes working with department leaders to ensure that all functional information systems conform to defined IG program standards, defining information lifecycle requirements for the retention and disposition of information in all repositories, participates in requirements definition, vendor evaluation, and system selection efforts so that new systems comply with IG program standards, bring order to unassessed “dark” data, and expunge non-critical data past its retention period.
Determining Third Party Access to Information: As the leader for information across an enterprise the CIGO defines standards for the access of business information by third parties (vendors, contractors). This includes developing processes to define scope of access and review/approve contract and policy language regarding information access.
Kaizen & Audits: Kaizen is the Japanese word for “improvement” and when applied to the business world refers to continuous improvement across all functions from the top down. Kaizen from an information governance perspective includes the identification and execution of information-related synergies and engaging in the continuing improvement of IG policies and procedures by actively seeking input from key stakeholders and facets of IG. The CIGO will implement audits of the IG program to determine efficacy, compliance, and ways to better gain value from information and mitigate risk
Professional Development: Staying current with constantly changing technologies and be aware of leading industry practices is important for everyone and the CIGO is no exception. The CIGO keeps up with new developments in IG and Records & Information Management by participating in professional associations, networking opportunities, continuing education, and research.
The CIGO Role
The CIGO role is not a one size fits all solution and some responsibilities will vary depending on factors such as the amount of litigation and regulations in an industry, company size and location, and maturity of the enterprise’s IG program. The CIGO role could even be taken by others in the C-suite as long as the position is filled by a senior executive with the proper experience who is willing to take on the responsibilities of information leadership, coordinate information amongst key stakeholders, and make decisions based on understanding the potential value and risks of information.
If you are not already a member of the Information Governance Initiative (IGI), join today! Your free membership will give you access to up to date IG resources, informative reports (such as the CIGO Task Force Report), and current events from the IGI and its partners and supporters.