The IT department might keep on top of the core information systems, making sure they stay up and running, but companies often fail to manage these systems within a wider structure of information governance. Usually, that’s because they don’t think the issue is important.
This is a big mistake, and a symptom of the fact that too few businesses give their IT director a seat on the main board. Without a top-table voice, IT becomes a back-office issue, not the strategic concern that it should be.
A recent survey by the Economist Intelligence Unit shows the extent to which companies, globally, lack information governance strategies. Only sixty-two percent of the companies in its study had a formal governance strategy in place; fewer than half felt that information governance was important to their company’s success today.
This is a complacent and high-risk approach. People are less likely to make the right business decisions if they are using potentially unreliable data. And in the current climate regulators and investors will be tough on companies that release data that turns out to be wrong.
The majority of the respondents in the EIU study realised that their lack of a proper governance strategy would soon become untenable; getting governance right would be very important to their company’s success over the next three years, they said.
They were looking to adopt policies on issues such as information storage and sharing and how information is distributed inside and outside the company (not surprising given the series of recent scandals over the lack of security around personal information).
This is progress, but companies need to get a move on. Information governance issues will only become more complex in future.
Obstacles in the way to better governance include the difficulty of identifying information risks and the cost of managing them, a lack of support from company management, and the difficulty of enforcing policies over multiple locations, said respondents in the EIU survey. True, information governance is not easy, but too many companies have ignored the challenge for too long.
Information sharing issues need to be tackled now – ‘baddies’ don’t wait around for us to come up with ways to prevent them from stealing our data. Every business needs to start from the beginning with basic information security training. It is amazing what people will throw away without thinking twice about what it is they’re dumping.