Published/updated: February 2008
by Martin Atherton and Jon Collins
Forward thinking organisations no longer just talk about governance, risk and compliance. They actively use these concepts to drive business activities and IT requirements. Getting to grips with information governance, a key component of a broader business strategy, gives organisations a much stronger chance of longer term success as well as protecting the business from costly errors.
Governance now actively drives requirements. The time for ‘broad and deep’ is here.
The market is starting to appreciate the value that founding business strategy on good governance, risk management and compliance can bring. Governance and risk management are key strategic and capability drivers in a growing number of organisations. Now that business success depends on the timely exploitation of information, many capabilities traditionally introduced only to ensure compliance to industry regulations need to be extended to all operational areas.
Information management is the Achilles heel in most organisations.
An information governance strategy should be given high priority due to the need for better control over information assets. This avoids costly mistakes and enables action on business opportunities faster than the competition. Organisations cannot implement a successful information governance strategy without first exploring their information management capabilities. The majority of organisations cite multiple and significant challenges at this level, regardless of whether they have rules and process in place. Currently, capabilities do not match requirements.
Information classification is pivotal to a sustainable information governance strategy.
The majority of organisations acknowledge that their information classification capabilities are weak. Information cannot be adequately exploited and protected if there is no way of tracking its location, value, and sensitivity to leakage. These challenges and risks are magnified as an increasing volume of governance-sensitive information propagates outside centralised control in today’s business environment. The ability to classify information according to business criteria has multiple impact points, including dictating security, archiving, retention and destruction requirements. Without it, information cannot have a lifecycle.
Organisations can take practical steps to kick start an information governance strategy.
A strategy as centrally important to the long term health of an organisation needs a central point of ownership, currently lacking in most organisations. Internal input is worth seeking out due to the differing levels of attitude to risk, levels of corporate governance projects and localised information management capabilities across different regions.
The broadest possible view of risk should be taken during business planning and exploring the areas which could be improved by better information classification should go hand in hand with personnel training to ensure that operational activities support strategic goals.
The study upon which this report is based was independently designed and executed by Freeform Dynamics. During the study, which was sponsored by CA, insights were gathered and analysed from 495 senior business and IT leaders. Respondents were from a broad cross section of industries and organisation sizes with a focus on USA, EMEA and Asia Pacific.
This report is free of charge. Click above to download the PDF or view the interactive e-document.
If you experience any problems during this process please contact us at;
firstname.lastname@example.org or call +44 (0)1425 626501 / 620008
By Jack Vile & Dale Vile
As both company and personally owned mobile devices are increasingly used in business, understanding and dealing with the associated risks has become a significant concern for many. In this report we explore some of the trends in mobile technology adoption. ...more
By Dale Vile & Tony Lock
If it has been a while since you thought about your DR measures, or a review has been prompted by a risk assessment, compliance audit, actual disaster or some other scare, it’s worth taking some time to understand what can be achieved in light of important changes that have taken place over the past few years. ...more
By Tony Lock
With the advent of digitisation, all public sector environments generate and capture a significant amount of electronic data. Against this background, this paper explores how to manage costs and risks while meeting these changing needs through ‘active archiving’. ...more
By Dale Vile
In some organisations, the tension between IT and business teams has come to a head around the topic of devices & the so called ‘Bring Your Own Device’ phenomenon.It’s time for IT and business managers to get together & start a proper dialogue about to deal with evolving requirements. ...more
By Dale Vile
By Dale Vile
Organisations of all sizes are trying to understand the security implications of mobile working, device proliferation and BYOD. But with IT vendors offering up a broad range of options, it can be hard to know where to focus your efforts ...more
By Tony Lock
While the importance of business information is almost universally recognised, few organisations have enjoyed either the time or the resources required to ensure that the data they store across an expanding range of computer systems is adequately protected. ...more