ebook img

Automating Information Governance PDF

31 Pages·2014·2.7 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Automating Information Governance

AIIM Market Intelligence Delivering the priorities and opinions of AIIM’s 80,000 community Industry Watch Automating Information Governance - assuring compliance Underwritten in part by: aiim.org l 301.587.8202 About the Research As the non-profit association dedicated to nurturing, growing and supporting the information management community, AIIM is proud to provide this research at no charge. In this way, the entire community can leverage the education, thought leadership and direction provided by our work. We would like these research findings to be as widely distributed as possible. Feel free to use individual elements of this I n research in presentations and publications with the attribution – “© AIIM 2014, www.aiim.org” d Wu s Rather than redistribute a copy of this report to your colleagues or clients, we would prefer that you direct t them to www.aiim.org/research for a download of their own. Permission is not given for other aggregators to ary t host this report on their own website. c Our ability to deliver such high-quality research is partially made possible by our underwriting companies, h without whom we would have to return to a paid subscription model. For that, we hope you will join us in thanking our underwriters, who are: -A au s ASG Software Solutions AvePoint CCube Solutions. sto 1333 Third Avenue South Harborside Financial Center, 13 Diamond Court urm Naples, FL USA 34102 Plaza 10 Opal Drive, Fox Milne ina TEeml:a 8il0: 0s-a9le3s2@-55a3sg6. c(UomSA Only) 3Je Srseecyo nCdit yS, tNreeewt, J9ethrs Felyo o0r7 311 MUKilt on Keynes MK15 0DU g ctin Web: www.asg.com Tel: +1-800-661-6588 Tel: 01908 677752 omg Email: [email protected] Fax: 01908 679444 pIn Web: www.avepoint.com Email: [email protected] liafo Web: www.ccubesolutions.com ncrm e a t io n G o v e Concept Searching, Inc IBM Corporation OpenText r n 8300 Greensboro Drive, Corporate headquarters: 275 Frank Tompa Dr, a Suite 800, McLean, VA 22102 1 New Orchard Road Waterloo, ON N2L 0A1 n Tel: +1-703-531-8567 Armonk, New York 10504-1722 Tel: +1-800-499-6544 c Tel Europe: +44-(0)1438-213545 Tel: +1-855-221-0702 Email: [email protected] e Web: www.conceptsearching.com Web: www.ibm.com/ILG Web: www.opentext.com/infogov Process Used and Survey Demographics While we appreciate the support of these sponsors, we also greatly value our objectivity and independence as a non-profit industry association. The results of the survey and the market commentary made in this report are independent of any bias from the vendor community. The survey was taken using a web-based tool by 531 individual members of the AIIM community between Mar 15, and Apr 08, 2014. Invitations to take the survey were sent via e-mail to a selection of the 80,000 AIIM community members. Survey demographics can be found in Appendix 2. Graphs throughout the report exclude responses from organizations with less than 10 employees, and suppliers of ECM products and services, taking the number of respondents to 487. ©2014 AIIM - The Global Community of Information Professionals 1 About AIIM AIIM has been an advocate and supporter of information professionals for 70 years. The association mission is to ensure that information professionals understand the current and future challenges of managing information assets in an era of social, mobile, cloud and big data. AIIM builds on a strong heritage of research and member service. Today, AIIM is a global, non-profit organization that provides independent I n research, education and certification programs to information professionals. AIIM represents the entire d Wu information management community: practitioners, technology suppliers, integrators and consultants. s t ary About the Author t c Doug Miles is head of the AIIM Market Intelligence Division. He has over 30 years’ experience of working h with users and vendors across a broad spectrum of IT applications. He was an early pioneer of document management systems for business and engineering applications, and has produced many AIIM survey reports on issues and drivers for Capture, ECM, Records Management, SharePoint, Mobile, Cloud, Social Business and Big Data. Doug has also worked closely with other enterprise-level IT systems such as ERP, BI and CRM. Doug has an MSc in Communications Engineering and is a member of the IET in the UK. -A au s sto u © 2014 rinma A11II0M0 -W Fainynde, CAvoenntruoel,, Saunidte O 1p1t0i0m, iSzeilv Yeor uSrp Irninfog,r mMaDt i2o0n910 g coting Phone: 301.587.8202 m www.aiim.org pliaInfo ncrm e a t io n G o v e r n a n c e ©2014 AIIM - The Global Community of Information Professionals 2 Table of Contents About the Research Multiple Repositories and Cloud About the Research . . . . . . . . . . . . . . . . . . . . . . 1 Multiple Repositories and Cloud...........20 Process Used and Survey Demographics ......1 Cloud .................................21 In About AIIM ..............................2 d Wu About the Author..........................2 Opinions and Spend Intentions s t ary Opinions and Spend Intentions ...........21 Introduction t Spend.................................22 c Introduction.............................4 h Key Findings.............................4 Conclusion and Recommendations Coping with Information Volumes.............4 Conclusion and Recommendations........23 Recommendations . . . . . . . . . . . . . . . . . . . . . . . 23 Maturity of Policies and Systems References.............................23 Maturity of Policies and Systems...........5 Paper v. Electronic ........................5 Appendix 1 - Survey Demographics -A IG/RM Policies ...........................6 au RM Systems.............................6 ASuprpveenyd Bixa c1k g- rSouurnvde y. .D.e.m..o.g.r.a.p.h.ic.s. . ..............2244 ssurtom Perception of IG . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Organizational Size ......................24 inga IG Risks and Rewards .....................7 Industry Sector..........................25 ctin og m Job Roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Information Governance Policies pliaInfo Information Governance Policies...........9 Appendix 2 - Selective Comments ncrm e Maturity................................10 a Appendix 2 - Selective Comments .........26 t IG Policy Scope .........................10 io n Underwritten in part by: G Audit and Conformance o ASG Software Solutions...................27 v Audit and Conformance.................. 11 e AvePoint...............................27 r Training................................ 11 n CCube solutions.........................28 a Audit..................................12 n Concept Searching, Inc....................28 c Issues from Non-Compliance...............12 e IBM Corporation.........................29 Data Protection..........................12 OpenText ..............................29 Retention Policies........................13 About AIIM .............................30 Savings on Storage ......................14 Automated Classification Automated Classification ................14 Automated Agents .......................15 Automated Records Declaration.............16 Content Types ..........................16 Benefits................................17 Accuracy...............................17 Experiences ............................18 Email Archives Email Archives .........................18 Legal Hold .............................20 ©2014 AIIM - The Global Community of Information Professionals 3 Introduction What’s in a name? When it first came into vogue a few years ago, “information governance” (IG) was often considered to be just an updated form of records management (RM), extended to take account of the US legal discovery rules. If all electronically stored information can be requested prior to a court case, not just content that has been specifically declared as a record, then work-in-progress, content on laptops and I n mobiles, back-ups, and, in particular, email archives, are all discoverable, and need to be “governed”. d Wu However, in the past twelve months, the impact of data leaks and security breaches, most especially the s t Edward Snowdon activities, has brought the security and privacy elements of information governance ary strongly into play. Metadata has become an issue for front-page news, and heads-of-state discuss t c individuals’ rights to data privacy and information deletion. Meanwhile, massive data leaks of personal h information have damaged corporate reputations and hardened already strong views in some jurisdictions. We therefore need to work harder to protect live content and preserve content records, but the volume, velocity and variety of content generation makes it nearly impossible to manually maintain and enforce the policies we so earnestly set. Computers are more consistent than humans, but you still have to teach them - and trust them. We seem to be at an adoption tipping-point for automating real-time compliance processes, and for machine audit of existing content for metadata accuracy, content security, and de-duplication. Is this -A a silver bullet? What are the early adopter experiences? au s sto In this report we take an in-depth look at information governance policies, privacy and records management u rm issues, policy enforcement, and how well technology can set or correct metadata, detect security risks, and ina g enforce deletion policies. ctin og m Key Findings pIn liafo Coping with Information Volumes ncrm e n On the whole, organizations are stabilizing the volume of paper records, but electronic records are a t “increasing rapidly” in 68% of organizations surveyed. While 32% reported an actual decrease in their io n paper records, not one respondent could report a decrease in electronic records. G o n Only 12% of respondents feel confident that they store only what they need to store. 42% are not v e confident about what is safe to delete. r n a n 43% feel that automated classification is the only way to keep up with rapidly increasing information n c volumes. 14% are already using it, but a further 35% have immediate plans for adoption. e n Of those already using auto-classification, only 10% have been disappointed with the results. In particular, classifying scanned documents has performed better than or as well as expected for 83% of users. n Improved searchability, higher productivity and defensible compliance are given as the top three benefits from automated classification. IG Policies n The three biggest risks from failure of information governance are excess litigation costs, loss of intellectual property and damage to reputation. 24% have had a compliance issue around litigation and discovery in the last 2 years. n 40% of organizations have recently moved, or plan to move in the next year or so, from a traditional RM view to a much wider IG view. 33% are still working in classic RM mode, including 18% who are still taking a mostly paper-records view. n The three biggest benefits from good information governance are reduction in storage costs, exploiting and sharing knowledge resources, and faster response to events and inquiries. Users are also becoming more aware of the need to support big data analytics. n Getting senior level endorsement and involvement is the biggest issue in creating an IG policy. Then enforcement once the policy has been agreed. ©2014 AIIM - The Global Community of Information Professionals 4 n Only 10% have an IG policy in place that is respected and enforced – 21% have a policy in place but it is mostly ignored. For 55% the IG policy is a work-in-progress. n Of those who have information governance policies, only 19% regularly audit for compliance. 40% of organizations do not allocate any staff time for IG training, and only 4% specifically update senior management. I n d Email and Cloud Wu n RM policies for email are still very variable. 18% keep everything, 16% delete everything, 22% have no s t policy or strategy. 17% move emails to their ECM/RM system or a dedicated archive with RM retention ary functions, but only 5% use automation. t c n Use of cloud or SaaS systems for RM is up from 5% to 7% in the past year, with those actively planning h up from 11% to 14%. But those saying “unlikely” or “never” is up from 46% to 51%. Spending Plans n On the whole, users are likely to increase spend on all aspects of IG in the next 12 months, in particular IG training, email archive, search, RM systems and automated tools. Spend on back-file scanning of paper records is set to increase, but outsourced RM, both paper and electronic, is net-neutral. -A au s sto u Maturity of Policies and Systems rinma g Paper v. Electronic coting m The good news on paper records is that the number of organizations reporting a rapid increase has dropped pIn from 15% to 10% since our survey a year ago1, and that smaller organizations have balanced out, with liafo the same number reporting increasing volume to those reporting decreasing volume. The bad news is that ncerm a bigger organizations seem to have suffered a setback with 48% reporting an increase compared to 31% t reporting a decrease – a gap of 17% compared to a 3% gap last year. There is no obvious explanation for io n this. G o Figure 1: Is the volume of your paper/electronic records? v e (N=483) rn a n Decreasing c somewhat, e Decreasing Decreasing Increasing 0% rapidly, 0% rapidly, 7% rapidly, Stable, 4% 10% Decreasing somewhat, 25% Increasing Increasing somewhat, somewhat, 28% 32% Increasing rapidly, 68% Stable, 27% Paper Records Electronic Records When it comes to electronic records, the picture is much clearer: nWobeo ddoyn ’its h raevep orting a decrease, and around 70% of all sizes are repoWrtien hga v“rea rpoibdulsyt ,i ncreasing” volumesi.n forma(cid:31)on and enterprise-wide records informa(cid:31)on management governance policies, 7% We have definite policies, 15% plans to develop enterprise-wide informa(cid:31)on and records management policies, 14% We have ©2014 AIIM - The Global Ceosmtambulisnhitey do fp Ionlfiocriemsa tion Professionals 5 in some areas/ departments but not others, 26% We have informa(cid:31)on and records management policies but have nothing you could describe as mature, 38% 0% 10% 20% 30% It is incorporated in our ECM/DM system We have records management capability in our ECM/DM system but no plans to use it We plan to add/ turn-on records management in our ECM system in the next 12-18 months We have separate systems for ac(cid:31)ve content management and records management Our DM system doesn’t support records management We don’t have an ECM/DM system Records We have looked management is at things this way for quite some mostly about (cid:31)me (3+ years), paper files in our 18% organiza(cid:31)on, 18% Records Managers We have recently manage records, adjusted our view but the rest is not to align with this, so well managed, 16% 15% Records Managers We have plans manage records, to adjust and IT take good responsibili(cid:31)es in care of the rest, the next 12-18 9% months, 24% Decreasing somewhat, Decreasing Decreasing Increasing 0% rapidly, 0% rapidly, 7% rapidly, Stable, 4% 10% Decreasing somewhat, 25% Increasing Increasing somewhat, Decreasing IG/RM Policies somewhat, 28% somewhat, Decreasing Decreasing Increasing 32% 0% rapidly, 0% Beforrea pbidelyin, g7% too specific raapbiodluyt, all-encompassing informatioSnt agbolev, e4r%nance policies, it is useIfnuclr teoa slionog k at policies in general, and ma1t0u%rity levels of basic records management. Just 15% of respondernatpsi dfley,e l they Decrehaasivneg robust, enterprise wide IG policies, albeit rising to 22% for the largest organizations. The6 8re%st of the somewhaStt,a ble, picture is somewhat patchy. 28% have departmental or geographical variations, 38% feel they are still some 25% 27% Increasing I way from maturity, and 21% actuIanlclrye ahsainvge no policies in spolmacewe haast, yet - although two thirds of those have n good intenPtiaopnes.r IRt ewcoourldd sseem thsoamt 1ew2h%a to, f even the larges2t 8o%rganizaEtlieoncstr hoanviec Rnoe caogrrdeesd RM policies. Wdu 32% s t Figure 2: How mature are your information governance and records managemenItnr cparpeoiadlsilcyin,i ge s? ary (N=483) 68% t c Stable, We don’t have h 27% We have robust, informa(cid:31)on and enterprise-wide records Paper Records informa(cid:31)on managemEenlet ctronic Records governance policies, 7% We have definite policies, 15% plans to develop enterprise-wide informa(cid:31)on and records We don’t have We have robust, informa(cid:31)on and management -A enterprise-wide records policies, 14% au s informa(cid:31)on management sto u governance policies, 7% We have definite rm estinab sWloismhe eehd aa vrpeeoa liscp/i oesli cies, 15% pienlnafotnersrm ptoari (cid:31)sdeoen-vw ealinoddpe ing coating dneopta ortthmeerns,t s2 6b%ut inmpfooaWrlrrnmieeceacicae gooh(cid:31)serra,omdd v1nssee4 a n%nt d mpliance Inform management a estabWlishe ehda vpeo licies npootlhiciniegs ybouut choauvled tion in some areas/ describe as mature, G departments but 38% o not others, 26% v We have e informa(cid:31)on and r n RM Systems records a management n Supporting these policies, we see an equally wide range of system architecturepso.l icOiensl ybu 2t 3h%av eh ave what c e we would call the classic EDRMS system, combining content, document and renoctohrindgs ymoua cnoauglde ment. 27% describe as mature, have RM capability in their ECM/DM system but don’t use it – although most (22%) say they are planning 0% 10% 20% 38% 30% to turn it on in the next 12-18 months. A similar proportion, 25%, have separate systems for active content management and records management. Often this involves SharePoint as the DM system, with a more robust RM syIts itse imnc uornpdoerraltyeindg in i to. u2r6 E%C Mha/DvMe n soy sRteMm capability. FigWuree h 3av: eH roewco rwdos umladn yagoeum deenst ccaripbaeb iylitoyu inr mouerchanism for managing electronic records? (N=478) ECM/DM system but no plans to use it We plan to add/ turn-on records management 0% 10% 20% 30% in our ECM system in the next 12-18 months It is incorporated in our ECM/DM system We have separate systems for ac(cid:31)ve content management and records management We have records management capability in our OuEr CDMM/ DsyMst esymst demoe sbnu’tt nsuop pplaonrts rteoc uosrde si t management We plan to add/ turn-on records management in our ECM system in the next 12-18 months We don’t have an ECM/DM system We have separate systems for ac(cid:31)ve content management and records management Our DM system doesn’t support records management We don’t have an ECM/DM system Records We have looked management is at things this way for quite some ©2014 AIIM - The Global Community of mInfoosrtmlya atiboon uPtr ofessionals 6 (cid:31)me (3+ years), paper files in our 18% organiza(cid:31)on, 18% Records Managers Records We haveW leo ohkaevde recently manage recordsm, anagement is at thingsa tdhjuiss tweady o ur view but the rest is nomt ostly about for quitteo saolimgne with this, so well managepda,p er files in our (cid:31)me (3+ years1),6 % 15% organiza(cid:31)on, 18% 18% Records Managers We have plans Recordms Manaangaeg erersc ords, Wtoe ahdajvues tr ecently managaen rde cITo rtdask,e good resapdojnussitbeildi(cid:31) oeusr i nvi ew but the craerset iosf n tohte rest, thteo n aelixgtn 1 w2-i1th8 this, so well manag9e%d, months1, 264%% 15% Records Managers We have plans manage records, to adjust and IT take good responsibili(cid:31)es in care of the rest, the next 12-18 9% months, 24% Decreasing somewhat, Decreasing Decreasing Increasing 0% rapidly, 0% rapidly, 7% rapidly, Stable, 4% 10% Decreasing somewhat, 25% Increasing Increasing somewhat, somewhat, 28% 32% Increasing rapidly, 68% Stable, 27% Paper Records Electronic Records We don’t have We have robust, informa(cid:31)on and enterprise-wide records informa(cid:31)on management governance policies, 7% We have definite policies, 15% plans to develop enterprise-wide informa(cid:31)on and records management policies, 14% We have established policies in some areas/ departments but not others, 26% We have informa(cid:31)on and records management policies but have nothing you could describe as mature, 38% 0% 10% 20% 30% It is incorporated in our ECM/DM system We have records management capability in our ECM/DM system but no plans to use it We plan to add/ turn-on records management Perception of IG in our ECM system in the next 12-18 months As we noted in the introduction, information governance as a term has burst into popularity in the last few We have separate systems for ac(cid:31)ve content years – at least on the part of the vendors. Although this survey was self-elected against a title that included management and records management the word “information governance”, there is strong evidence that the term – and indeed the practice – has struOcku ra D cMho sryds twemith d uoseesnrs’t. sFuipgpuorert 4re schoordwss that the number of organizations changing their view from management I management of declared records to management of all electronically stored information has jumped from n d 18% to 34% in the last 2 years, with a further 24% planning to adjust their view in the next 12-18 months. Wu We don’t have an ECM/DM system s There is evidence that smaller organizations are more likely to have made the move – perhaps as they are t less likely to have had traditional RM roles. ary t Unfortunately, there are still some organizations that have yet to accept the reality of electronic records, and c continue to live in the paper world – 18% in this survey h Figure 4: To what extent would you say the perception of information governance in your organization has progressed from management of declared records, to management of ALL electronically stored information for privacy, security and e-discovery? (N=425) Records We have looked management is at things this way -A mostly about for quite some au paper files in our (cid:31)me (3+ years), ssto organiza(cid:31)on, 18% 18% urm ina g ctin og m Records Managers We have recently p In manage records, adjusted our view liafo bsou tw tehlel mreasnt aisg nedo,t to align1 6w%ith this, ncerm 15% a t io n Records Managers We have plans G manage records, to adjust o and IT take good responsibili(cid:31)es in v e care of the rest, the next 12-18 r 9% months, 24% n a n c e 40% of organizations have recently changed, or are about to change, from a declared records view of information management and control to an IG view across all of their stored information. IG Risks and Rewards So accepting that the majority of our respondents understand the wider implications of IG, we asked what they considered to be the three biggest risks associated with IG failures. Excess litigation costs or damages heads the list, followed by loss of valuable information and then loss of customer confidence – all of which would be considered major business disasters. Understandably, loss of intellectual property is of the most concern to smaller businesses, and inability to respond to information requests is a particular concern of mid-sized organizations. ©2014 AIIM - The Global Community of Information Professionals 7 Figure 5: Which of the following do you consider to be the biggest risks to your company from a failure of information governance? (Max THREE) (N=482) 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% Excess li(cid:16)ga(cid:16)on costs or damages resul(cid:16)ng from poor records keeping In d Loss of intellectual property or company Wu s confiden(cid:16)al informa(cid:16)on t 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% ary Loss of customer confidence or bad publicity t from data loss c Excess li(cid:16)ga(cid:16)on costs or damages resul(cid:16)ng from h Inability to respond to reqpuoeosrt rse (ceo.grd.,s F kreeeedpoinmg of Informa(cid:16)on) Loss of intellectual property or company confiden(cid:16)al informa(cid:16)on Audit qualifica(cid:16)ons due to inadequate records Loss of customer confidence or bad publicity Regulator ac(cid:16)on from lforossm/e dxaptoas luorses of personally iden(cid:16)fiable informa(cid:16)on Inability to respond to requests (e.g., Freedom of Infringement of industry-speciIfincfo crommap(cid:16)loiann)ce - aAu regula(cid:16)ons ssto u AudPito qoura oliufitccao(cid:16)moen so df ucue sttoo mineadr/esquupaptleie rre dciosprdustes rinma Reguladtuoer taoc (cid:16)goanp sf rionm co lmosms/uenxipcoas(cid:16)uornes o tfrail g ctin personally iden(cid:16)fiable informa(cid:16)on omg Fines resul(cid:16)ng from poor records keeping p In Infringement of industry-specific compliance liafo Criminal prosecu(cid:16)on for allowirnegg puelar(cid:16)soonnaslly ncrm sensi(cid:16)ve data to be lost e Poor outcome of customer/supplier disputes a t due to gaps in communica(cid:16)ons trail io n On the positive side, users see many benefits from good information governance, the most significant of G which is toF riendesu crees uslt(cid:16)onrag gfreo amn pdo ionrf rraesctorrudcst ukreee pcionsgts – and this is a tangible cost-saving benefit. Next comes o exploitation and sharing of knowledge, followed by faster response to events, accidents, press activities, etc. v Criminal prosecu(cid:16)on for allowing personally 0% 20% 40% 60% e – and in the modern era of s2e4n hsio(cid:16)uver ndeatwas t oa nbde lsoosctial media comment, this can be vitally important to prevent rn reputational damage, and, indeed, to saving lives. a Reduce storage and infrastructure costs n c e Figure 6: Which three of the following do you consider to be the biggest benefits to your company Exploit and sfhroarme oguoro kdn oiwnfleodrgmea rteisoonu rgcoesvernance? (max THREE) (N=478) Faster response to events, accidents, pres0s% 20% 40% 60% ac(cid:16)vi(cid:16)es, FOI enquiries, etc. MReodruec pee srtsoornaagleiz eadn da nindf raacsctururactteu rsee rcvoisctes to customers ExploitS uapnpdo srhta froer opuort eknn(cid:16)oawl lbeidgg dea rteas/oaunracley(cid:16)scs ini(cid:16)a(cid:16)ves Faster response to events, accidents, press Be“er cuasct(cid:16)ovmi(cid:16)eers/,s uFOppI leienrq rueilraie(cid:16)so, nesthc.ips More personalized and accurate service to Pro-ac(cid:16)vely support patents, li(cid:16)ga(cid:16)on, customers healthcare, tax collec(cid:16)on, etc. Support for poten(cid:16)al big data/analy(cid:16)cs Be“er reputa(cid:16)on/improved shareholder ini(cid:16)a(cid:16)ves value Be“er customer/supplier rela(cid:16)onships Faster and cheaper financial audits Pro-ac(cid:16)vely support patents, li(cid:16)ga(cid:16)on, healthcare, tax collec(cid:16)on, etc. Be“er reputa(cid:16)on/improved shareholder value Faster and cheaper financial audits 0% 10% 20% 30% 40% 50% Ge•ng senior management endorsement It is also worthy of note that support for big data initiatives has moved up from 6th last year to 5th place. Having the right people at the table Ge•ng anybody to be interested ©2014 AIIM - The Global Community of Information Professionals 8 0% 10% 20% 30% 40% 50% Enforcing it once it is completed GAe•lloncga (cid:16)senng isour ffimcaiennatg e(cid:16)mmeen ftr oemnd tohrese dmaye njotbs ExtHeanvdiningg t choev reirgahgte p teoo apllle s atot rtehde ctoabnlteent TransGlae(cid:16)•ngn gt haen ypboolidciye sto in bteo isnytsetreemst erudles NailingE dnofwornc icnlga sist iofincace(cid:16) oitn i sa ncodm tapxloetneodmy AllocaB(cid:16)eningg s ouvffiecr iaemntb (cid:16)i(cid:16)moeu sfr ionm sc tohpee d aanyd j odbestail ExtendinTgr ycionvge troa gcoe vteor a tlol ost moraendy c socnetneanrtios Transla(cid:16)nIdge tnh(cid:16)ef pyionlgic itehse i nletgoa sl yrsetqeumir erumleesnts Nailing down classifica(cid:16)on and taxonomy Being over ambi(cid:16)ous in scope and detail Trying to cover too many scenarios 0% 5% 10% 15% 20% 25% 30% Iden(cid:16)fying the legal requirements The RM/IM/Compliance department takes responsibility Each line of business or department manages their own records 0% 5% 10% 15% 20% 25% 30% IT are mostly responsible The RM/IM/Compliance department takes The IG Commi“ee set and supervise responsibility policies for all departments Each line of business or department The legmala dneapgearst tmheeinrt o twakne rse tchoer dlesad TherITe aisr en om foosrtmlya rle aslploocnas(cid:16)ibolne of responsibili(cid:16)es The IG Commi“ee set and supervise policies for all departments The legal department takes the lead There is no formal alloca(cid:16)on of responsibili(cid:16)es 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% Excess li(cid:16)ga(cid:16)on costs or damages resul(cid:16)ng from poor records keeping Loss of intellectual property or company confiden(cid:16)al informa(cid:16)on Loss of customer confidence or bad publicity from data loss Inability to respond to requests (e.g., Freedom of Informa(cid:16)on) Audit qualifica(cid:16)ons due to inadequate records Regulator ac(cid:16)on from loss/exposure of personally iden(cid:16)fiable informa(cid:16)on Infringement of industry-specific compliance regula(cid:16)ons Poor outcome of customer/supplier disputes due to gaps in communica(cid:16)ons trail Fines resul(cid:16)ng from poor records keeping Criminal prosecu(cid:16)on for allowing personally sensi(cid:16)ve data to be lost 0% 20% 40% 60% Reduce storage and infrastructure costs Exploit and share our knowledge resources Faster response to events, accidents, press ac(cid:16)vi(cid:16)es, FOI enquiries, etc. More personalized and accurate service to customers Support for poten(cid:16)al big data/analy(cid:16)cs Information Governancieni(cid:16) aP(cid:16)voeslicies Creating a comBper“eehre cnussitvoem ienrf/osrumpaptliieorn r geloav(cid:16)eornnsahnipcse policy can be daunting, and the key to success is to obtain senior management endorsement. However, even with support from the top, other senior managers Pro-ac(cid:16)vely support patents, li(cid:16)ga(cid:16)on, need to sign-up to take part. Our users also identified enforcement of the policy once in place as a big issue, healthcare, tax collec(cid:16)on, etc. which we will return to later. I Be“er reputa(cid:16)on/improved shareholder n d The scope of extending coverage from recordvsa lutoe include all stored content is considered to be an issue, Wu especially for mid-sized businesses, but identifying the legal requirements does not come high on the list, s t despite changing (Faansdte cr oannfdu cshinega)p elar wfisn aonnc idala atau dpitrsotection. For smaller organizations, finding time and ary resources is obviously difficult, and this heads the list for them. t c h Figure 7: What have been the three biggest issues with creating an information governance policy? (N=387) 0% 10% 20% 30% 40% 50% Ge•ng senior management endorsement Having the right people at the table -A au s Ge•ng anybody to be interested sto u rm Enforcing it once it is completed ina g ctin Alloca(cid:16)ng sufficient (cid:16)me from the day jobs og m Extending coverage to all stored content pliaInfo Transla(cid:16)ng the policies into system rules ncrm e a Nailing down classifica(cid:16)on and taxonomy t io n Being over ambi(cid:16)ous in scope and detail G o Trying to cover too many scenarios v e Iden(cid:16)fying the legal requirements rn a n c e Most respondents have had to fight to gain involvement and support from senior management for creating 0% 5% 10% 15% 20% 25% 30% an IG policy. Enforcing it once complete is a further issue for many. The RM/IM/Compliance department takes responsibility Each line of business or department manages their own records Responsibility IT are mostly responsible As we have moved from the paper records era to electronic records, the involvement of IT has increased steadily. Moving Tohne aIGg aCionm tom tih“ee eIG se et raan dw shuepreer vailsl estored content needs to be managed for security, accessibility and lifecyclep,o tlhiceie isn fvoorl vaell mdeepnatr otmf IeTn tiss paramount, even if the ultimate responsibility still lies with the Records Manager or increasingly the Compliance Officer. However, we can see from Figure 8 that in 28% of organizaTtihoen sle rgeacl odredpsa rmtmaennatg teamkeesn tth ree lsepaodnsibility resides within each line of business or department – a situation which is unlikely to be conducive to a coordinated, enterprise-wide information governance There is no formal alloca(cid:16)on of initiative. Only 10% have a formal IG committee to oversee activities, policies and systems. In 24% of responsibili(cid:16)es organizations, responsibility has not been formally or specifically allocated. ©2014 AIIM - The Global Community of Information Professionals 9

Description:
Delivering the priorities and opinions of AIIM's 80,000 community. Automating Information Governance. - assuring compliance aiim.org l 301.587.8202.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.