It's More Than Governance. It's Value
Deidre Paknad | VP of Information Lifecycle Governance Solutions, IBM
One of the delights I enjoy in researching these "Meet The Leaders" articles is to discover people who are unique, skilled, successful and just plain cool. I confess this up front—I had never heard of Deidre Paknad before this project, and that is a damn shame. There is a LOT I could have learned from her. Maybe now we can make up for lost time.
Deidre's official title is vice president of Information Lifecycle Governance Solutions at IBM. She served as CEO of PSS Systems from 2003 to 2010 when it was acquired by IBM. That's pretty good in itself (better than I can say!). But she is also the founder of the CGOC—the Compliance, Governance and Oversight Council—which is a forum of more than 2,300 legal, IT, records and information management professionals from corporations and government agencies whose mission is, basically, to pull together professionals who care about information governance into a community of interest.
If you're wondering about credentials, don't. Deidre is also a member of several Sedona working groups and co-leads the EDRM Information Governance Reference Model. She also was inducted into the Smithsonian Institution for innovation in 1999 and again in 2000. If none of this means anything to you, look it up. What you will learn is that Deidre is at the leading edge of information governance in a time when that stuff matters a great deal. I wish I had met her sooner.
I was kinda awed by her, I admit. But that didn't stop me from trying to get to the basics of what makes her tick. What are the guiding principles in her work? What the heck does she do for a living? So my first question was this:
"What are some of the driving forces behind your toughest decisions? Are you thinking about the various stakeholders who have a financial interest in your company?"
And I think she gave me the greatest answer I ever heard: "One of the best words I know is ‘and.' You can run a company that addresses shareholder and customer and employee interests and business needs. It's not about ‘or,'" she said.
I absorbed that for a minute, and she continued. "Over the long haul, you probably can't really thrive without doing all three. Without customers and shareholders, you don't have payroll or employees; shareholders are generally well served when your employees engage in creating value for customers; and great employees typically find that rewarding." You get the trifecta, I guess, according to Deidre.
"I spend about 30 hours a week engaged with customers directly," she revealed. "And because I work in a very large organization, that just means I work a lot of hours a week! Regardless, my natural center of gravity and my deep personal interest is working with customers on thorny problems, process improvement and business and organization change issues. There is no greater insight and no greater satisfaction."
Now, the fast-driving, road-warrior, executive lifestyle is not something I'm particularly familiar with. I'm more of a sit-at-the-desk and ask-questions kinda guy. So I wanted to know from Deidre what her life was like. I know... maybe it's a personal question, but it intrigues me. "I traveled about 47 of 52 weeks in the last year, so that certainly makes it hard," she admitted. "My office is in my head and with a fast-growing international business, it can be a bit round-the-clock. I am hoping to dial back the travel this year and get to know my family and friends again." Good, I thought.
Getting To Governance
Deidre is obviously devoted to her work. Some might say "obsessed." But I don't. I get it. Because I asked her about the devotion to a subject like "information governance," and why that matters, and here's what she said:
"It's not information governance per se, it's the opportunity to help companies solve complex problems and achieve better cost and risk outcomes. In information lifecycle governance, that comes from finding the tough balance between revenue and profit pressures, growing data volumes and an incredibly complex and aggressive regulatory and litigation environment," she explained. "Without a strategy, clarity on problems and opportunities, and trusted advisors in strategy achievement, these conflicting pressures are not naturally balanced."
Thus, Deidre believes, organizations tend to overreact. "Organizations give up profit to over-pay their compliance ‘tax.' They over-retain and store information, they over-preserve and end up producing data debris to adversaries and regulators," she said. "But you CAN improve information economics and governance when legal and IT come together and when they shift the focus from ‘retain to comply' to ‘comply and don't over comply.' The savings from disposing and decommissioning unnecessary assets ranges from tens to hundreds of millions of dollars!" she said.
She remarked that her "former lives" have had a big impact on how she now views information governance. "For the first decade of my career, I worked in operations in several industries where I used, relied on, purchased and implemented software to automate and improve business processes. There is no better training for relating to software customers than to be one!"
That level balance of empathy and curiosity are important elements of Deidre's approach to her work, I think. "What are their truths, their concerns, their challenges and professional opportunities?" she posed. "I'm a big believer in direct inquiry as the best way to understand what customers think. I invest a tremendous amount of time in listening to customers and non-customers, too, to understand where they are, what they need, what friction and barriers they experience, and where they see breakthrough opportunities." She then said something really cool: "I like to triangulate direct investigation and dialogue with my own experience as a customer."
I'm liking her more every minute.
Balancing the Weight of Governance
Still not entirely sold on the compelling business value in governance, I had to ask: What the heck is it about governance that has captured so much of the business world's imagination? Is it necessary? Or is it compelled? (Knowing those are two very different motivators.)
"We are at a very interesting juncture right now," she answered. "For many organizations, investments in information governance can only be made where they clearly improve information economics, because revenue growth is slow and profit pressures are high. The tremendous growth in information volume, coordinated regulator investigations and increasing global information regulation now create a very clear link between information governance and economics." But, she added quickly, "Organizations often don't invest in compliance rigor, efficiency and automation unless there is significant concern about enforcement or some tangible penalty for failure. It's like how your compliance with the speed limit improves when you see the police officer with the radar gun!
"It isn't that they don't want ‘great' compliance, it's just that competition for budget dollars and organization energy and attention are fierce today. Governance for the sake of governance alone is a hard sell to executives in tough economic climates because it is hard to quantify."
So, the cost factor begs the question: Are there companies out there that are hoping to "dodge the bullet" by hoping nothing ever happens to them? Like an insurance policy... "maybe I won't need it..."?
"Yes, there certainly are companies like that. In the past two weeks, I've met with five of the world's largest banks. Four of them have very painful e-discovery situations... regulators have required them to produce a decade or more of data, application data was lost when it should have been preserved, data that could long ago have been disposed but wasn't..." It's a sad truth that even the largest organizations make cost/benefit calculations that don't always work out.
"We also find some compliance organizations may have a sense of confidence that they have policies and that those are being followed consistently across employees in the business and IT," added Deidre. "But when you have rules without tools, the strategy is effectively hope... which we all know isn't really a strategy."
Information governance is, at the end of the day, an insurance policy, I thought. You might dodge a bullet; you might not. "Dodging bullets was easier when no one was disposing of data and data wasn't growing so fast; it's a lot harder now, when IT is taking action and a decade of debris has accumulated," said Deidre.
That's for sure.
3565 Harbor Boulevard
Costa Mesa CA 92626-1420