Everteam: EDM to Information Governance (part 2)
16 November 2022
EDM : From Digital Content to Information Governance
Information Governance to manage your information assets
Governing information is now a necessity for companies that, in a context that is both more competitive and more regulated (i.e. GDPR), do not have the tools and the approach to carry out this mission. Indeed, the task is colossal for many companies:
- Many of them do not know how to define the types of data they process or their values.
- They cannot use or maintain them properly.
Visionary in this approach, Everteam has naturally evolved to become a pioneer in Information Governance.
However, poor information management can have serious financial, legal and image consequences for companies, particularly if they are condemned for non-compliance with the regulations in force. Information governance is an essential tool to reduce these risks as much as possible.
Gartner defines information governance as:
“A framework of accountability ensuring appropriate behavior in the creation, evaluation, use, archiving, deletion, and storage of information. It includes standards and statistics, roles and policies, and processes required to ensure effective use of information and enable businesses to achieve their objectives.”
The need to have processes for information management:
Only then can companies achieve a return on investment for the processes, technology and people involved in information management.
In addition to the definition of acceptable data and content types, the following level of security is required
- Data typology,
- Records retention schedules,
- File management, sharing policies (both internal and vis-à-vis third parties), and information storage,
- Confidentiality, regulatory and legal compliance,
- Management of personal information.
It is necessary to plan procedures to be applied in the event of a problem, including:
- How to report possible breaches and losses of information,
- How to manage incidents, incident recovery processes,
- Business continuity strategies, especially in the event that information system data is no longer accessible,
- As well as how to audit these disaster recovery and business continuity processes.
In fact, information is now considered an asset, an organizational resource that, like the equipment, buildings and financial resources needed to run the business, requires a high level of oversight and coordination to ensure accountability, protection, integrity and proper preservation of information.
This maximizes the value of information and reduces the risks associated with creating, storing, using and sharing information:
- Large companies can store up to 10 petabytes of information each year, which is a significant cost.
- Information governance saves storage costs by identifying and storing only valuable data and reducing unnecessary duplication.
- By optimizing the search for reliable information, it also helps companies provide better customer service and employee productivity by providing the minimum number of versions of information or documents, facilitating storage and quick and efficient access to information.
“On average, it’s 18 minutes a day that an employee loses looking for what he needs, weighted by the cost of time/man, the induced drop in productivity can quickly be very significant if the information is not well governed.”
The multiple benefits of true information governance
By scaling the risk according to data type, so that, for example, the focus is on high security only when necessary:
- Information governance can considerably reduce the costs of the Information System infrastructure while optimizing it in terms of security
- and thus help reduce cyber risks.
Laws, business needs, and regulations are increasingly governing how companies must store their information.
They must dispose of it according to a lifecycle schedule based on legal, regulatory and business requirements. By supporting compliance with regulatory requirements, good information governance limits the risk and cost of litigation for non-compliance, while being part of a digital sobriety approach.