Diverse Perspectives on Information Governance
On February 15th, Tina Teree Baker, IGP, the President of Cadence Group, led a panel on “Differing Perspectives on Information Governance” for the Northern Virginia Chapter of ARMA, International (ARMA NOVA). In order to paint an encompassing picture of Information Governance (IG), Ms. Baker was joined by thought leaders from different fields, including
- Scott Wandstrat, Esq., a partner at Arnall Golden Gregory LLP;
- Angela Dingle, CGEIT, CMC, the president and CEO of Ex Nihilo Management, LLC; and
- George R. Sturgis, Jr., the Deputy Chief of the Records, Privacy, and Declassification Division of the Washington Headquarters Service, offers support for the Office of the Secretary of Defense.
Ms. Baker started the discussion by defining the term “Information Governance,” augmenting ARMA’s definition from her Information Governance Professional certification and her own understanding from her IT and Records and Information Management experience. The definition was used as a springboard, to emphasize the value of understanding perspectives on IG, viewed through the lenses of the disciplines encompassed by IG as represented on the panel: eDiscovery, IT Governance, Security/Declassification, and Records & Information Management (RIM).
When asked about what kind of people should keep Information Governance on their radar, Ms. Baker had this to say: “Unless you are an Information Governance firm like Cadence Group, there may be data crucial to you that your team does not specialize in. In the world of Big Data, where businesses can have terabytes of electronically stored information, it is crucial to have a multi-faceted understanding of how to govern that information.”
One panelist emphasized that many organizations do not take Information Governance seriously until they are the subject of a legal discovery, stating that the most expensive eDiscovery initiative a firm will undergo is usually their first eDiscovery. After the very expensive — and sometimes embarrassing — process of eDiscovery organizations take the time and effort to establish sound IG policies and procedures, and ensure that they are enforcing them. Implementing robust IG policies and related procedures can dramatically reduce the cost of discovery and limit the amount of potentially damaging information that is released during the process.
However, another panelist noted that even the most comprehensive IG policies and monitoring mechanisms will not deter those individuals who are determined to do things their own way, regardless of policy. In some cases, these insider threats are people knowingly trying to do harm, but in most cases damage is caused by people who don’t understand the risks. Knowing that there are individuals with the determination and technical know-how to operate outside of the organization’s IG policy, what can organizations do to protect themselves? Simply put, it comes down to effective communication and training. Individuals are more likely to comply with policy if they are aware of the policy and, perhaps more importantly, why it exists.
We heard those sentiments echoed from an IT perspective, as well. The profession should not stay entrenched in infrastructure. Instead, IT professionals must take IG factors into consideration when designing, managing and decommissioning information systems. To get professionals who have spent their entire careers entrenched in network and infrastructure to adopt a complete information governance perspective requires the same communication and training principles described by the previous panelist.
The thought-provoking discourse between the panel members sparked a wider discussion among audience of records managers and Information Governance professionals. The inspired exchanges could have continued long into the night, but the reality of another looming workday set in and the audience left with a deeper understanding and appreciation of the diverse perspectives of people who work in different sectors of Information Governance.