P2P

Spring2021

Peer to Peer: ILTA's Quarterly Magazine

Issue link: https://epubs.iltanet.org/i/1356436

Contents of this Issue

Navigation

Page 66 of 94

I L T A W H I T E P A P E R | I N F O R M A T I O N G O V E R N A N C E 67 Effective Information Governance protocols reduce organizational risk while increasing business efficiency Three types of actors exist when analyzing behavior: Proactive; Reactive; and Inactive. Examining how organizations address their Information Governance (IG) obligations using those three classifications provides useful insight. Most organizations fall into the reactive category, and are seeking process improvements while trying to avoid business interruption. Inactive organizations are engaging in risky behavior, while proactive organizations have established data governance programs crafted to improve their ability to achieve regulatory compliance. A proper IG program focuses on managing information throughout the entire information management lifecycle. Through the use of a proper combination of people, process; and technology, metrics can be established to ensure satisfaction of certain legal and regulatory requirements for managing information. IG programs assist in enforcing records retention requirements, protecting data privacy, safeguarding data security; and enhanced knowledge management capabilities. Determining the Scope of an Information Governance Program Organizations are similar to an octopus in that there are multiple separate moving parts controlled by one centralized brain. Business entities have various departments performing their own distinct tasks that have little impact on the others in the organization however, technology resources are often shared beyond just one business unit. Often separate business departments have little insight or visibility into other parts of the organization yet there is a centralized overarching group that manages technology shared across the enterprise. Organizations of all types, including corporations; law firms; government agencies; consultancies; and third-party services providers, face obligations compelling them to manage the information within their possession. Business entities must also fulfill the data privacy and data security obligations incumbent upon them whenever they provide third-parties access to corporate information. B Y J O S E P H C . B A R T O L O , J . D . Considerations for Creating or Revising an IG Program

Articles in this issue

Archives of this issue

view archives of P2P - Spring2021