We often get customers asking what the difference is between Information Management and Information Governance, and which one do they need – or do they need both? Let’s start by defining what these two concepts actually are:
Information Governance is the set of structures, policies, controls and metrics that specify how the organization’s information is managed as a business asset.
Information Management is the set of individual activities and tasks carried out by an organization in order to organize, retrieve, acquire, secure and maintain information within the business.
We can position Information Governance as the STRATEGY for guiding the management of information, i.e. the what we need to manage and why we need to manage whilst Information Management is more the TACTICS used and how the information is managed.
Can you have Management without Governance?
The majority of IT projects deliver some aspect of information management. Whether it is about managing capacity, deleting old data or responding to a freedom of information request, the list of information management projects is long and varied.
When an organization is justifying an IT project, it will focus on the need to address particular situations or requirements. Even implementing a proactive strategy such as automated compliance data capture is anticipating the specific need to be able to react to future investigations and audits.
Most of these projects or tasks will still take place even if the organization doesn’t have an overall information governance strategy, as the business or technical needs still have to be met. Information management projects in isolation will be largely reactive as IT organizations balance operational requirements with strategic direction, and this can be quite independent from any overall concept of information governance.
If an organization is successfully managing its IT projects based on specific needs and requirements, it could be argued that it really doesn’t have a need for information governance. After all, there will almost certainly be a strategy underlying each of these projects and a justification for each of them, otherwise they wouldn’t gain approval.
How Information Governance fits into the process
Information governance suffers from the perception that it is difficult to accomplish. It requires an organization to re-think how it approaches the management of data as information, and it can impact every function and every department which works with that data. Organizations have consistently struggled with the notion of the “value” of information and how it relates to their management policies and processes.
The strength of information governance is that it provides an organization with the framework it needs to deliver an overall information management strategy. It gives the ability to follow a consistent approach, by leveraging common processes and strategies across all the various IT projects.
This will bring value in terms of cost savings, in terms of better outcomes, in terms of reduced risks, and in terms of better overall corporate information.
Top-down or bottom-up?
Organizations can implement Information Governance using either a “top-down” approach or a “bottom-up” approach.
In my next two blogs I will look at the pros and cons for each of these approaches, and the reasons why companies follow one path or the other.