GDPR – A CATALYST FOR INFORMATION GOVERNANCE PROGRAMMES
CD: Could you provide an insight into the meaning of information governance and its key principles?
Mahoney: Information governance (IG) is an enterprise-wide process focused on optimising the way an organisation manages its information assets. IG is not a collection of tasks or services, but a framework and mission. Back in 2011 ARMA International, a professional network for Records & Information Management (RIM) professionals, created the ‘Generally Accepted Recordkeeping Principles’ – now known as just ‘the Principles’. They are a foundational set of eight core areas of focus behind the major components of an effective IG programme. The Principles are accountability, transparency, integrity, protection, compliance, availability, retention and disposition.
CD: In your opinion, what are the business drivers behind building an information governance programme?
Mahoney: Successful IG programmes for organisations support four major value propositions. First, cost containment, which leads to reductions in offsite and onsite storage, supplies and e-discovery costs associated with subpoena requests. Second, collaboration, which means supporting and enhancing cross-function and the sharing of enterprise information. Third, customer satisfaction, such as improving customer response timeliness, which may lead to a competitive advantage through practice modernisation efforts. Fourth, compliance and risk mitigation, which provides protection from ethical, regulatory and industry requirements.
Oct-Dec 2018 issue