Congratulations to Robert F. Smallwood on the publication of his new book, “Safeguarding Critical E-Documents: Implementing a Program for Securing Confidential Information Assets,” published by Wiley. Bob asked me to write the foreword to the book, which I have provided below, to help get you juiced up into an Information Governance frenzy so you rush out and buy his book (we authors need all the help we can get, right?)
Today, yet another organization will be forced to admit that it has lost control of its information. It will be forced to admit this by a court, by a regulator, by a reporter, or even by a hacker. It will admit that it really has no idea what information it owns, where that information resides, or what value it has. Finally, it will have to admit that this fundamental lack of information oversight has put the company, its shareholders, and its customers and partners at risk.
We are suffering a plague of information mismanagement. And yet, each year, we spend more on hardware and software to take control of this mess. What’s broken?
Let’s start here.
Imagine a world where your Chief Privacy Officer doesn’t care about privacy. Where your Chief Operations Officer thinks operations are someone else’s problem. Or, where your Chief Financial Officer thinks that her job is managing spreadsheets – not money.
Welcome to the world of information management: a world where we have C-level executives who, despite having the word “information” in their title, are not actually responsible for information. Most organizations have had Chief Information Officers for at least two decades, and yet, most still cannot answer this question:
“Appointing a chief information officer also raises the question of who owns databases — those who maintain them or those who produce them?”
A question, which by the way, was raised in 1984, by Modern Office Technology Magazine.
The failure of institutions worldwide to clearly answer this question is at the root of the problems Robert addresses here. It’s not the CIO’s fault – in fact, most CIOs are very clear about their role. Most view themselves more as Chief Infrastructure Officers, i.e., stewards of the information systems; the people who keep the lights on but who do not generate the electricity; the owners of the storage tanks, pipes, and faucets, but not of the water itself. Pick your analogy.
Rather, fault lies with CEOs and boards who have failed to understand that information governance lies at the heart of corporate governance. Who fail to listen to the CIO when he talks about the real scope of his job. Who are stuck in a different decade (century?) because they think the problem is about moving boxes of paper from facility to facility. And who, finally, have failed to adapt the CIO role, delegate the problem to another C-level executive, or create a new assignment.
This is the world that Robert’s book enters. And, it couldn’t be more timely.
In this book, Robert lays out a framework for understanding this problem, and a plan for dealing with the details – from strategy to software. Both elements are essential. We need to redefine the way we look at the information problem, which Robert helps us to do. But we also need a practical manual for information governance action, which Robert has also provided in the form of authoritative and seasoned guidance.
Information Governance is a long journey. This book should help make your journey shorter and less painful. Safe travels!