Unlike many buzzwords, however, IG is not old concept dressed up in new clothes—it’s a new way of looking at information management that combines the best of what’s come before with new perspectives and approaches to keeping information secure, accessible and available.
Bryn and Samantha do a great job in the latest issue of Legal Technology News describing the emerging executive role for IG professionals in law firms. Bryn has been working with several law firm clients to proselytize the role of the Chief Information Governance Officer, with some success. I would not be surprised to hear from Bryn about a CIGO being appointed in a law firm in 2015.
Law firms are strange creatures. They are not conventional businesses (some might say they are not businesses at all). They are collections of small businesses, each headed by partner with his or her own ideas about how their fiefdom should run. More law firms are trying to modernize their approach to business management, but the incumbent model is dominant.
This makes it particularly challenging to do “enterprise” things at law firms. It is hard – harder even than at traditionally managed corporations – to make anyone do anything. You have the additional challenge that the orthodox impetus for investing in IT – increased efficiency – is often politely acknowledged but bureaucratically resisted in law firms.
Ironically, law firms are organizations who would benefit most from IG. After all the document is the most common and concrete manifestation of what they do everyday. Documents enter in the form of research, evidence, legal instruments, and they go out in the form of pleadings, memos, briefs, and contracts. Improved management, security, access, workflow – the bedrock of content management and other disciplines that form the heart of IG – uniquely benefit law firms.
In addition, law firms have much to lose by not paying attention to IG. Law firms are awash in troves of incredibly sensitive and potentially market-shifting data. The bad guys are starting to wake up to this, as are the regulators.
In the wake of this summer’s massive hack attack at several Wall Street institutions, New York State’s top financial regulator convened a meeting with those institutions to talk about the security holes created by their suppliers – including law firms. In fact, the regulator has requested that the banks provide “any policies and procedures governing relationships with third-party service providers” and has said that banks must describe the process they use to assess the security of those providers.
“It is abundantly clear that, in many respects that a (financial services) firm’s level of cybersecurity is only as good as the cybersecurity of its vendors.”
Benjamin M. Lawsky, New York State financial regulator (as quoted here)
Law firms are called out for special attention, and for good reason. Law firm’s atavistic suspicion of technology must come to an end. When big, powerful clients realize that their gold-plated IG programs have gaping holes skinned only with balsa wood because of poor planning, coordination, and management by their law firm partners, law firms will be in for a shock.
Surely we are all realize that a security breach at Company X does not only affect Company X. The current disaster at Sony which revealed private and sensitive information about hundreds of business partners is a stark reminder of that.
Organizations have little hope of tackling the complex morass of information issues without a central, senior coordinating function.
That is why I believe the only way out of this problem is the Chief Information Governance Officer. That is why the IGI will be focusing heavily on this in 2015 and will be hosting our national Chief Information Governance Officer Summit on May 20-21 2015 in Chicago. Come join us.
Just published, over on LinkedIn, an exclusive mine case study about how Rio Tinto, one of the world’s largest mining companies, is using Active Navigation to remediate over a petabyte of unstructured content (over a billion files) that’s spread out over 5 continents. So far they have found that at least 40% of it can be thrown away or archived. However, the most interesting part of the story is the deal structure. Rio Tinto and Active Navigation designed a shared risk/reward approach where the vendor only gets paid when it delivers. The money flows when the vendor identifies content that can be deleted or archived to Amazon Web Services. But, it also gets paid when it identifies the good stuff – the content that has true value to the business. In other words, Active Navigation is compensated for generating customer value, whether that value comes from identifying chaff or identifying wheat.
We Don’t Know Ourselves
Imagine that you want to lose weight. You have tried cutting back, but it hasn’t really helped. Maybe you should get a little more exercise. Maybe you should eat less fat. Or is it sugar? Greek yogurt is supposed to help. Am I really drinking enough coconut water? Who knows? So you mention it to your doctor, or make an appointment with a dietician, or perhaps sign up with a club or clinic that specializes in weight loss. What is the first thing that they ask you to do? Keep a food log. A diary. Write down what you eat, record the exercise you do, and then report back in a couple of weeks so they can give you a customized recommendation.
Great! You have a made a positive decision to take charge of your health.
The first day you are on top of it, and even pretty honest. That corned beef hash that you accidentally ate at the diner when you stopped in for coffee? In the diary. The late-night bowl of sugary flakes? In the diary. Day two, only the good stuff goes in the diary, and a few days later you are still making a half-hearted attempt until finally, you just find yourself scribbling down a bunch of made up stuff in the waiting room moments before your next appointment.
For decades, the self-reported diary has been the primary research tool for studying and measuring our eating, sleeping, and other behaviors; the foundation of efforts to help us change those behaviors. But, it doesn’t really work. It is a fantasy.
The Quantified Self
New technology offers a different approach. In the past few years we have spent millions of dollars on a host of devices and apps that passively track our behaviors. Products from FitBit, Nike, Jawbone, Garmin and others. The theory of this technology, or movement (called “The Quantified Self” by some), is that more data – and more accurate data – about our behavior will help us understand ourselves better, and thus provide a foundation and methodology for improving ourselves.
Today’s technology tracks our steps, sleep patterns, communication habits, and more. Tomorrow’s technology will automatically log the food we eat, its caloric and nutritional components, and its effect on our bodies. This passive tracking of data clearly is a more realistic approach for us fragile, distracted, willpower-exhausted humans. The machine collects the data in clever way. The algorithms automate the analysis of the data to give us insight into our habits and patterns, and help us track our progress towards a goal.
Of course this approach to problems – any kind of problem – is de rigueur. We know it as Big Data and it is prescribed as a solution to everything from unemployment to world hunger.
We are bringing the Quantified Life philosophy to companies, governments, and to entire nations. Tomorrow we will have the Quantified Organization, with the promise that decisions based on tradition and superstition are replaced by decisions based on facts and evidence.
The Quantified Organization
It is easy to be cynical about Big Data. Sometimes I am. But mostly I get it and I believe it. Clearly it raises a host of business, policy, legal, ethical, and societal issues. In any case, it doesn’t matter whether I get it or not: it will be the way that we function as organizations – and increasingly, as individuals – moving forward.
The idea that we should make decisions based on facts or evidence as opposed to tradition, intuition, and superstition of course derives from the Enlightenment and the scientific method itself. But even in areas where you might expect that this approach is already baked in, there has been a push to focus on the evidence. In the 1990s, for example, the concept of “evidence-based medicine” (or “evidence-based practice”) was introduced into the medical field and has since taken hold as an operating philosophy in branches of medicine from optometry to dentistry.
Evidence-based practice is defined as:
Applying the best available research results (evidence) when making decisions about health care. Health care professionals who perform evidence-based practice use research evidence along with clinical expertise and patient preferences. Systematic reviews (summaries of health care research results) provide information that aids in the process of evidence-based practice.
If the practice of medicine – which has embraced the scientific method for over a century – can benefit from a heightened focus on evidence-based decisions and policy, then surely there are other practices that could benefit from it as well. Any come to mind?
How about Information Governance?
Evidence-Based Practice and Information Governance
Today in IG we make so many decisions, and craft so many policies, based on nothing more that tradition and superstition. This is especially prevalent in the records and information management (RIM) facet of IG, but it exists elsewhere as well. Why do we have 1000 categories in our records retention schedule? Because that’s the way the last guy did it. Because we inherited the schedule from a company we acquired. Because Janice liked it that way. Because that’s the right way. Because that’s what makes the most sense to me. Because that’s what my old boss told us to do. Because that is what the consulting company sold us.
Where is the evidence?
What is true?
Are these justifications based on anything more than tradition, superstition, or office politics?
I propose a new focus for IG practitioners – a focus on Evidence-Based Information Governance. This philosophy should be embedded in everything we do in IG. It is egregious that we wave our hands magically and use purely anecdotal evidence to create fear around information risk. The risk of a spoliation charge in a litigation, for example. How often does it happen? What is the risk of it happening? Go look it up for yourself.
We need to bring evidence into the practice of IG. We need evidence to quantify value. To quantify risk. Evidence to make decisions about how much time, money and effort we should put into managing specific kinds of information.
It is shameful that today, in 2014, this is the exception rather than the rule in IG.
Today we have incredible tools that can easily shed light on our information to give us the visibility and the evidence we need to make good decisions. Go take a look at the providers who support the IGI as an example, as a starting point.
Anyway this post is getting a little long.
But I am passionate about this idea, and will write and work to advance this idea.
Let me know what you think.
On August 11, 2014, the Information Governance Initiative (IGI) released its Annual Report 2014: Information Governance Goes to Work, a comprehensive analysis of the information governance (IG) industry. The report offers a definition of IG and its core concepts, discusses the projects organizations are undertaking and the products and services they are buying, looks at predictions for the state of IG, and provides practical tools and insights for IG practitioners. The IGI Annual Report 2014 and related infographics are available for download now at: www.iginitiative.com/community (registration required).
Below is a roundup of coverage of the Annual Report following its release:
Monica Bay | August 11, 2014
“The Information Governance Initiative, which launched in February, has released its first annual report, announced Executive Director Barclay Blair, who also is president of consulting company ViaLumina.” Read More.
Robert Smallwood | August 11, 2014
“The first annual report from the Information Governance Initiative on the state of the information governance (IG) industry was released today. ‘2014 IGI Annual Report: Information Governance Goes to Work’ is chocked full of distilled insights based on a wide-ranging survey of IG practitioners, providers, and analysts. In it, IG comes into focus and we are provided some additional clarity on what IG is, where it is being implemented, who is responsible, how IG programs are justified, and more. You can find it here, after registering on the site: http://iginitiative.com/blog/.” Read More.
Robert Smallwood | August 12, 2014
“The report advocates the creation of a new, inter-disciplinary role: the Chief Information Governance Officer (CIGO), a viewpoint also recommended by the Sedona Conference in 2013. Some IG programs are being run by practitioners who are effectively taking on the role of the CIGO, but under a different title, and the researchers state that some organizations are actively creating the CIGO role and job description.
For CIOs who have hit the career ceiling, your next step up may be CIGO. Not just expert in IT, but privacy-savvy, security-savvy, legal-savvy, records management-savvy, and business-savvy. Solidify your credentials, get more security, privacy, e-discovery, and IG training, then groom your successor and lobby your CEO for this new role as CIGO.” Read More.
Tamir Sigal, | August 13, 2014
“If you live and breathe information governance, chances are you heard about the IGI (Information governance Initiative). Simply put, the IGI is a think tank and consortium on advancing information governance in the market and within organizations.” Read More.
Chris Dale | August 13, 2014
“Its purpose is to encourage and support those who are responsible for the multiple components which make up IG with well-sourced statistics and analysis, a definition of IG, and practical help towards selling the subject to the board, promoting awareness and designing and executing IG strategy within a company.” Read More.
Ben Dipietro | August 15, 2014
”Information Responsibility: Twenty-eight percent of organizations surveyed said they delegate their information governance accountability to one person, according to a report from information governance services firm Viewpointe and the Information Governance Initiative.” Read More.
Laurence Hart | August 15, 2014
“Read the report. Realize that nobody has Information Governance conquered yet. Get smart people with open minds to help you on your journey because things are going to change a lot before you are finished.” Read More.
Nick Inglis | August 15,2014
“On August 11, 2014, InfoGovCon Partner, the Information Governance Initiative, announced the release of its 2014 Annual Report: Information Governance Goes to Work. The comprehensive report on the information governance industry, among other things, puts forward a definition for IG, reports on research data collected about the state of the IG market, and provides practitioners practical tools and insights relevant to putting IG into practice.” Read more.
Geoff Bourgeois | August 18, 2014
“The Information Governance Initiative (IGI) published their 2014 annual report on information governance (IG) “Information Governance Goes to Work” – the first comprehensive analysis of the information governance industry.
The report is chock-full of great insights including a definitive explanation of what IG actually is: IG is the activities and technologies that organizations employ to maximize the value of their information while minimizing associated risks and costs. In our experience, one of the biggest problems many organizations experience in trying to start an IG initiative is trying to explain to management what IG really is and how it can benefit the organization.” Read More.
Nick Inglis | August 18, 2014
“Information governance, as an industry, has been maturing and coming to the forefront at many leading organizations. I’ve had the opportunity to see much of this maturation at various organizations firsthand. We’ve seen the Information Governance Initiative form and release a new definition of information governance. I’ve been a part of the formation of a major conference around the topic. We’ve seen the topic move to the top of discussions at both ARMA, AIIM, AHIMA and other leading industry associations.” Read More.
Robert Cruz | August 19, 2014
“Semantics aside, we seem to be over-complicating the business case question. Sure, gaining executive sponsorship, aligning multiple functional stakeholders, and selecting the appropriate technologies are not trivial tasks. But, as noted in the Information Governance Initiative (IGI) Annual Report, 92% of surveyed organizations see “value and risk as equal partners” in InfoGov projects, and 68% indicated that establishing a clear, quantifiable metric is essential to their organization.” Read More.
Jennifer Zaino |August 19, 2014
“This month saw the release of the Information Governance Initiative’s Annual Report for 2014, a study aiming to report the perceptions of information governance practitioners, providers and analysts as well as advance information governance as a concept, market and operational model.” Read More.
David Brown|August 19, 2014
“The Information Governance Initiative (IGI) released its 2014 Annual Report last week, which was billed as the industry’s first ever comprehensive analysis of the Information Governance (IG) industry. While not all information contained therein is aligned with the way HP views Information Governance, this body of work still represents a significant step forward in removing some ambiguity and providing the market with some clear direction and best practices.” Read More.
Nick Patience | August 21, 2014
“Information governance is real, but projects are taking too long to get going and need better C-level support. They are some of the findings of the inaugural report of the Information Governance Initiative – the launch of which we have covered previously. Those findings may not strike you as revelatory, but now we have some clues as to why. The report is based on interviews with senior IG practitioners and a survey of practitioners, providers and analysts.” Read More.
August 25, 2014
“The following is a summary of a webcast in which Barclay T. Blair, Founder and Executive Director of the Information Governance Initiative (IGI) and President of the consulting firm Via Lumina, presents the results of IGI’s 2014 survey (see link below). An internationally recognized expert on information governance, Barclay is an advisor to Fortune 500 companies and software and hardware vendors. He is the award-winning author of several volumes, including Information Nation: Seven Keys to Information Management Compliance; Information Nation Warrior; and Privacy Nation.” Read More.
August 25, 2014
“Information Governance Initiative (IGI) has released its 2014 Annual Report, which was billed as the industry’s first ever comprehensive analysis of the Information Governance (“IG”) Industry. Download the report to learn some best practices for your organization to be prepared and take advantage of the growing IG market.” Read More.
Rachel Teisch | August 27, 2014
“This report is particularly relevant to clients. It rises above the ‘noise’ in the industry surrounding information governance, providing on-the-ground insight into what is occurring right now within many organizations, practical guidance based on real-life experience, and a peek into what the not-so-distant future holds for many corporations.” Read More.