Good Information Governance
Taking Records Management beyond Records
As projected by analyst firm IDC in a recent report ("The Diverse and Exploding Digital Universe," March, 2008) the world will create and replicate close to 1,800 exabytes (or 1,800 billion gigabytes) of digital information by 2011, 10 times the amount created and replicated in 2006. The annual compound growth rate between now and 2011 will be almost 60%. That suggests we are in a period of massive content growth. Bret Swanson, senior fellow at the Discovery Institute, calls this rapid expansion of the digital universe "the exaflood." And your enterprise sits squarely in its path.
Actually, the reality is that dealing with extraordinary growth in data volumes has been business as usual for most large enterprises for close to a decade. Business as usual, yes—but under control? Absolutely not. At best, companies seem to be keeping the tide at bay.
In fact, industry research estimates that as much as 90% of unstructured information—information not in databases—goes unmanaged. Moreover, it is often spread across hundreds of systems and applications, many of which do not allow easy access. It’s no wonder that across the information lifecycle—in which information is created, managed, delivered, archived and retired—as much as 80% of IT budgets can be consumed by simply maintaining infrastructure and multiple systems.
Beyond the issues of volume and complexity, the mismanagement of information poses serious legal and regulatory risks. From the seemingly trivial email message to the most closely guarded intellectual property, all information produced or managed by a company is subject to legal discovery—an area of growing concern for all organizations, particularly publicly traded companies. And companies in highly regulated industries must protect and secure information, make it available for defined time periods, document the processes and approval procedures with which it’s handled and provide proof that those procedures were followed.
It’s probably fair to say, then, that the explosive growth of information—coupled with the increasing number of regulations and legal discovery requests—is a significant concern for IT managers today. At the same time, the value of information for business users is increasing. Information refreshes the product development pipeline, supports sales and marketing, enriches collaborative efforts with partners, boosts innovation and helps sustain competitive advantage.
So what can organizations do to leverage the value of information, while mitigating cost and risk?
Good Information Governance for IT and Business
Good information governance is a proactive, policy-driven information management strategy for the global enterprise. A good information governance strategy integrates enterprise business objectives with information retention and destruction policies. It addresses compliance, e-discovery and privacy mandates holistically, and throughout the information lifecycle. It enables the business to reduce overall content volumes and associated storage costs. And it standardizes and automates processes and policies across line-of-business systems and IT infrastructure.
A good information governance strategy includes the deployment of flexible products and solutions that address local and global requirements while:
- Responding quickly to changing compliance demands;
- Reducing e-discovery costs and risks;
- Demonstrating a commitment to privacy;
- Enhancing the business value of archived content;
- Decreasing the volume of stored content and associated storage costs; and
- Delivering a sustainable competitive advantage.
Implementing Best Practices and Technologies
A good information governance strategy should simplify the demands and lessen the inherent difficulties of managing information. Here are a few best practices to bear in mind when implementing a good information governance strategy:
Sufficient, not excessive, foundation technologies. Look for products that are flexible enough to scale across your organization, but that also can address specific application and business needs. An enterprise content management (ECM) solution can easily do this; but if your organization is not ready for a full ECM solution, it can implement foundation technologies. These include (but are not limited to): retention policy management and disposition; controlled content lifecycles; classification, search and other content services; security; and integrated content archiving.
Proactive and enterprisewide. Take a holistic and proactive approach to information management. Look across organizations, geographies, applications and content types to determine what policies can be addressed across the organization. Take into consideration storage and bandwidth capabilities.
Adaptable to content and business requirements. After general policies are created, dig deeper to determine which organizations may have unique policy requirements. Specifically, look at organizations directly impacted by regulations and discovery requests, but also look to the lifetime value of information in different aspects of the business.
Balanced between risk mitigation and cost containment. Many organizations talk of retention, but not of disposition. Setting archiving and/or disposition policies can greatly reduce your risk and infrastructure costs. The opposite approach—that is, saving everything—can have the biggest negative impact on the bottom line.
Repeatable and programmatic. When the right solutions are used and the required workflows implemented, not only will organizations lower risk, they will also enable a structured process across the enterprise to help gain control of content. A repeatable and programmatic approach provides evidence for e-discovery, compliance and privacy situations, and ultimately, reduces costs.
With information, regulations and discovery requests growing exponentially, companies need to get control now to safeguard against the future. Suffice it to say, those who manage their content under good information governance today will have the competitive advantage tomorrow.
To learn more about good information governance, visit www.EMC.com/goodinformationgovernance.