The world is transforming. Businesses and governments capture more and more of our lives and our interactions with them in digital format. The explosion of digital information associated with this transformation is still in its’ formative years. A 2012 study (Gantz , John; Reinsel , David ;, 2012) completed by IDC and sponsored by EMC, estimated that from 2005 to 2020 the amount of digital data will grow by a factor of 300 to 40,000 exabytes . Business and government agencies have liability for about 80% of that data. It is critical to establish information governance structures that prioritise information management within organisations whilst we are in the infancy stage and prevent a future of loss of critical information.
The Information Value Chain
Knowledge of the information value chain establishes a basis for understanding why the information we hold is important, even when it may appear inconsequential currently. In the information value chain data is initially created or collected and stored to be made available to others as a single point of information. When it is analysed or edited by others in a collaborative manner the data is turned to information of greater value than the original data. As the efficient and effective management of information is integrated into business processes even more value is created. When new information is synthesised from existing sources of information to add new insights or wisdom even more value is added.
Figure 1: Information value chain
Organisations currently operate at the lower end of the digital information value chain. They create and store and view records of information, but according to the IDC study, less than 1% of information is currently analysed. To effectively move information further up the value chain and increase the value for organisations requires excellence in information management. Effective information management enables people to utilise complex data sources and improve business process.
The foundation in achieving the greatest value from information is an effective governance framework. Effectiveness can be measured by the degree of resistance to adoption and realisation of productivity gains and risk reduction resulting from controlling the flow and accessibility to information.
The Current Approach to Governance Frameworks
Most governance frameworks concentrate on the policies, processes and procedures that support generally accepted principles of records management, with legislative compliance being the foremost principle. Senior management therefore provide token support; in principle they support records management, in practice they provide the minimum leadership or initiative.
Yet senior management are well aware of the value of certain information they hold in achieving organisation strategies and goals. These gold nuggets of information are Information Assets. They are the currency senior management trade in, internally and externally. Governance frameworks that actively recognise and protect the organisations Information Assets gain leadership support and action. They drive the adoption of recordkeeping across an organisation.
Creating and sustaining an Information Asset Governance Framework contains six key components:
- Quality assurance
- Continuous improvement
These six components may be identifiable within the varied traditional governance frameworks, but the formality of approach to them, relationships and weighting are likely to be very different to that used in an Information Asset Governance Framework.
Traditionally the priority that forms strategy is compliance with regulations and recordkeeping principles. The records management strategy is determined in reaction to the RIM unit convincing the senior management team of a need to comply by a specified date. There is little consideration given to the management of the information value chain as a part of business strategy which, in turn, drives records management strategy.
Disconnecting the records management strategy from the business strategy in this manner creates a poor governance structure which has flow on effects for other components of good governance.
For example, return on investment for compliance is difficult to calculate with any precision and there is little motivation to calculate a return on investment. For small projects comprising small numbers of staff in a single location this is a small barrier, but for projects involving more than 500 staff or more than five locations this is a large barrier, mainly due to the project implementation time. Long project implementation times means that there are many opportunities for alternate projects to be proposed which have a definite return on investment and thus compete for ongoing budget to achieve the desired adoption rates and maturity of recordkeeping practices.
The RIM unit faces an uphill battle from the very beginning to drive recordkeeping adoption through a disengaged management hierarchy. Records and information management policy is then set in an environment where the only criteria set by the senior management team are those supporting compliance. When RIM units attempt to include in policy statements rules which support the broader aims of good records and information management practices they receive pushback from the senior management team.
System selection and configuration is developed with a compliance outcome rather than a productivity improvement and risk reduction outcome in mind. In the worst cases, the system is not seen as a critical system as information is not appropriately seen as an asset.
The systems view is limited to the selection of an EDRMS in isolation of a broader view of the role of all business systems now and in the future in the management of the information value chain. This causes sub-optimal decision making about the systems architecture of the organisation as it is uninformed of the benefits of future integration of systems.
The development and execution of support components such as training content and delivery, communications plan and content, change management approach, Help Desk resourcing, Super Users and procedures and processes for accessing support is inadequately governed. The design and development of crucial tools to engage the organisation and change individual behaviour are left to a collection of the RIM unit, learning and development and internal communications staff without appropriate oversight and challenge of their adequacy. Inappropriate and insufficient support is a key precursor of low levels of adoption.
Quality assurance is limited to the capture of records and correct titling much of the time, which although essential elements for value, are only a small component. Measures of success in the actual management of information and the business results are rarely developed and reported on. The lack of a visible connection with business outcomes sends a signal to managers that the results of the project are not business critical. Projects are thus further demoted in importance, interest levels of management lost, and momentum of skill improvement and EDRMS use evaporates. People revert to old habits and never make it through the digital transformation.
Formal continuous improvement processes to evaluate the benefit of future changes in policy, procedures or process do not take place. Feedback from measures of adoption, advances in EDRMS functionality and business processes and the challenges and opportunities they present are not undertaken. Improvements in the use of the EDRMS and recordkeeping practices are done in an ad-hoc manner and the management of the value chain of data is inconsistent and lags behind industry best practice. Higher risks and lower productivity levels are experienced than is necessary.
Unlocking Recordkeeping Resistance through Governance
A structured approach to Information Governance provides clarity on responsibility for input and outcomes for the RIM team, Senior Management and IT. The Information Asset Governance Framework provides that clarity for Senior Management and their role.
The mindset of data as an asset governs the development of strategy. Senior management are consulted by the RIM unit to identify the Information Assets. They proactively determine strategic requirements for the management of information and records using the RIM unit as subject matter experts. The strategy seeks to enhance the information value chain. In developing strategy in this way, senior management set the risk criteria for policy development for the RIM unit. The criteria cover both positive and negative risk.
The very act of the senior management team thinking about what information is an asset and to what level in the value chain they wish to see it managed defines what is important to them. It elevates records and information management within the organisation.
Compliance requirements remain a necessity of the strategy, but are secondary to the requirements of the business.
The criteria for the development of policy are set through Senior Management determination of the strategic value of information and thus provide the RIM unit with the information that the policy is based on. Examples of criteria are:
- Security in post disaster operations
- Retention of company knowledge
- Proof of company decisions
- Improvement to decision making
- Transparency of decision making
- Consistency of practice in operations / information storage across organisation
- Security of information
- Reduction of business risk
- Accountability for actions
- Flow of information
- Meeting legal requirements
- Find information
- Meeting regulatory compliance
This top down approach to determining what is covered by the policy generates business commitment from the senior management team to drive good recordkeeping practices.
Systems are specified as part of the overall IT strategy. In the Information Asset framework the IT function is well aware of the value that senior management place on information as an asset and the manner in which they want it managed. IT formulates their IT architecture strategy governed, in part, by the records and information strategy and policy. The RIM unit are regarded as subject matter experts contributing to the development of the specification and participating in the selection of the EDRMS.
Competition between IT and the RIM unit for primacy of advice and influence stemming from fundamentally different views of the value of information can be effectively managed within the Information Governance Framework, as the value is established by Senior Management. The framework is not specific to EDRMS. It acknowledges all business systems, and assesses them for their contribution to the management of the information value chain. The framework provides the opportunity for evaluating the ROI of integration of systems to improve the flow and control of information and progress the information along the chain.
The support model is determined by the needs of the business in managing the information value chain and to achieve the desired return on investment.
When the value of actual documents handled by staff has been established it is straight forward to identify the value of either required support, or distribution of support to achieve the objectives. Simple matrix evaluation tools can establish primary, secondary support requirements and the things you can safely ignore. This approach forms the basis of the training needs analysis and training model whether in implementation or adoption phase of a project, from which the required resourcing and tools are identified. Governance of support is ongoing. It also provides Employees with the foundation for understanding their role in managing information in whatever job role they are placed and why different sections of the business may receive priority support at a given time.
Quality assurance encompasses not only the quality of records management but also the Information Asset Governance Framework itself. It moves beyond titling and record quantity measures, extends to true ROI and measures the effectiveness of the governance framework’s ability to support the business objectives. The RIM unit can accurately design, develop and regularly assess measures of success to inform the senior management team, business units and the RIM unit of the impact of adoption of good recordkeeping practices. The measures include lead as well as lag indicators of adoption. For example, the attendance at training and the assessment of the level of knowledge retention from the training are both forerunners of adoption of good practices within a business unit. So, if knowledge retention is 20% lower than the targeted figure, then the % impact on business operations can be extrapolated.
Audit is engaged to include a review of information management practices against the policy and processes promulgated by the senior management team as part of their annual audit plan. The audit approach treats information as an asset to be managed. The combined measures from the RIM unit and audit inform senior management about progress or otherwise of achieving the desired strategic outcomes. Senior management take decisions based on the measures to ensure that deviations from the strategic vision of managing the information value chain are corrected.
A formal process of evaluation of the current state and recommendations for changes is established under the information management governance framework. A formal Information Asset approach designates responsibility and accountability for the evaluation of internal and external influences which may impact the strategy and policy settings for the management of the information value chain to specific roles.
Continuous improvement is rarely granted the formal structure within governance frameworks that is a necessity for proactive strategic improvement to be achieved. Most continuous improvement is reactive; effected as a direct response to an issue that needs an immediate solution. In reality this is daily management of quality assurance.
The process evaluates elements including but not limited to:
- Regulatory changes
- Business process changes
- Mergers acquisitions and divestments
- New applications and functionality of software
- Deviations from current strategic settings
- Business control incidents resulting from poor management of the information value chain
The results of the evaluation inform senior management of the risks and opportunities and recommended changes to strategy, policy, processes, systems, support, evaluation and continuous improvement processes needed under the overarching governance framework to maximise the value of information within the organisation.
And the cycle continues…
Gantz , John; Reinsel , David ;. (2012, December). Digital Universe. Retrieved June 13th, 2013, from IDC: www.emc.com/collateral/analyst…/idc-the-digital-universe-in-2020.pdf