At the end of an information governance webinar we hosted with Bennett Borden from the IGI last month, attendees had the opportunity to ask us questions about data remediation and IG processes—and we got some great ones. Here are the answers to some of those questions to help start a dialog in your own organization.
Which department in an organization should take ownership of an IG policy, if any? Do you think records and information management should be a contributor in addition to IT and legal?
Bennett: They’re definitely a contributor. IG has been a big boom to records management (RIM). Frankly, RIM’s been ignored for a lot of years by companies, and this new focus on IG will be a breath of life to these really smart professionals. They’re about what to keep and what not to keep—and evaluating what’s important and what’s not based on how it affects the objectives of the company. So their input is really important to have in IG, especially data remediation projects.
As far as who runs IG, we’ve found it’s all over the place inside of companies. The critical thing is that you’re able to balance these stakeholder voices and you’re willing to seek them out. When you have an information-related decision like this to make, you want to be able to elicit all of these stakeholder opinions and also balance them. Sometimes all of these interests don’t align, and when you make a choice you’ll be taking a risk of one kind or another. Eliciting and balancing these voices—and having someone running the group with the right authority to effectuate the decisions—will help you address how your organization can handle each decision and its risks. Mostly we see some combination of legal, IT, and sometimes information and records management, privacy, and security teams.