information asset management

From the CTO: From Information Governance to Information Asset Management

There is an evolution that needs to happen in the world of enterprise information management, but it’s going to take some time. We need to change our thinking from a pure information governance perspective – which today is very much about risk mitigation – to one that is more focused on the value side of the coin and on helping corporate users understand the quality and business value of the corporate information assets they try to use. There are already a few companies trying to get there, but this remains a slow process for many reasons.

On the Horizon: Putting a Value or Quality Score on an Information Asset

Imagine you are accessing some of your corporate data – structured or unstructured (it doesn’t matter), from within one of your line of business applications which taps into some internal or external data sources. When you are trying to access an information asset, a window pops up with a description of that asset, assessing its level of quality, value, and risk according to several dimensions. You would be able to see this information regardless of where the asset is located: from within your CRM, your SharePoint site, your Line of Business application, and so on. You use this information like an information scorecard, helping you better understand the asset you are looking at and trying to use.

Augmenting Information Assets Users Access

The first “InfoGov” wave we are starting to see is a way to show people augmented information about an information or data asset, based on how it is governed in terms of cost, risk, quality, security or value within your company.

It’s not about assigning a dollar value yet or being able to translate the different factors in dollar value. Instead, it’s about being able to dynamically provide some additional information about a given data set or information asset which can help the user make a better-informed decision about the integrity, accuracy, and trustworthiness of the information he needs to access.

Bottom-up vs. Top-Down Approaches

Most approaches currently are based on a bottom-up approach, focused on applying some risk labels (e.g. sensitivity or retention labels) to information assets. This is the traditional approach records management used for years to tag information at the discrete physical or digital document level. However, such an approach only works for a finite set of data and falls short when the volume of information explodes.

Now, regulations such as GDPR require you to identify personal information (PII/PCI/PHI), tag this data as sensitive and measure the level of risk, wherever it resides, at scale. Scaling a bottom-up approach for every content or data set which could potentially contain personal information is not possible. It is time to move to a top-down approach and automate the tagging and labeling function.

The challenges then reside in defining what will be the right criteria to allocate various levels of risk, cost, quality or value and how to propagate them down the different content repositories and data lakes available within your organization from as automated a manner as possible knowing that not all information is equal.

There are several allocation keys to consider, such as time. The value of an asset declines over time, and that means the criteria to score it will change from one day to another, which makes things more complex. The business value will also vary according to the audience. For example, the length of time a particular asset is important differs from one department to another.

A consulting agreement may only be valuable a couple of months for the business line that outsourced a given service to a third party consultant; useful at the end of the year for the accounting department to close the books; a couple of additional years for the Legal team because the company went into litigation with this consultant, and several decades for the information manager to comply with recordkeeping laws and other internal directives.

Through their unique lens, each audience will put a different value score to the same information. This is just one example of one criterion among many others.

There are immediate benefits to this first “InfoGov” wave. Some of them include enhanced compliance and security, and improved quality. It also provides ways to potentially improve the recycling of information within the enterprise before getting rid of it.

Coming Next: Putting a Dollar Value on an Information Asset

During the first wave, organizations can define a number of key indicators relevant to qualify information and data assets better within a company with a certain number of key scores. The next wave will be towards treating and managing information like any other assets available on a company balance sheet and assign a dollar value to it. This is what Gartner calls: “infonomics,” the contraction of information and economics.

Business Accelerators for Infonomics

There will be the need for a certain number of business triggers with clearer value-added benefits for a company to accelerate market adoption of the infonomics theory aside from compliance, quality or security enablers.

This may, for example, come from:

  1. Reducing the cost of cybersecurity insurance: Insurance to protect against cyber vulnerabilities is always increasing, often based on obscure criteria. How do you evaluate the cost damage for a data loss or a data leak if both the insurance company and the company don’t know what they have insured, the level of risk they take and the business value of stored information? Infonomics principles properly applied in coordination with your insurance company might certainly lower this level of FUD (and thus the cost of your insurance) and will help justify the ROI to apply some improved information economics principles in your organization.
  2. Mergers and Acquisitions: During an M&A, especially in information-savvy industries such as IT, valuation is really about the ability to monetize the company goodwill. But defining and quantifying company goodwill is not a trivial task. You have to think about how easy it will be to leverage the information left in the acquired company and determine its quality and value. How badly managed was it? How complex will it be to clean it up? What kind of mess is in there? Will the information left be sufficient in case of massive employee turnover post-acquisition? An M&A activity is very much about boosting the value of the company – and information assets are a key component of the goodwill. Being able to apply infonomics principles before an acquisition can certainly help reduce the level of risk for the acquirer. It can also ensure a better deal transaction with a higher valuation which should compensate for the extra cost of having to treat information like any other corporate assets.

Accounting principles, however, are currently not designed to support the valuation of information assets and won’t recognize these assets on the standard corporate financial balance sheet (minus some exceptions such as valuing patents, for example). The industry currently lacks best practices and recognized methodologies to assign a dollar value to the information easily and amortize it over time (impairment principle for accounting-savvy people).

Defining an Infonomics Maturity Model and a Reachable Journey

There is currently a need in the industry to develop an open and recognized information economics maturity model to help simplify its larger adoption. Don’t look at this discipline as a black or white approach. Such a framework could help an organization increase its infonomics maturity level over time, by getting some immediate benefits from phase one. Of course, the more mature your company is, the more accurate it will be. However, perfection should not be the enemy of the good.

Having some tools in place to provide indicative values of your information assets, even if they’re not really accounting figures in an initial phase, can help your organization make better-informed decisions. For example, having IT be able to better align its yearly budget with your most sensitive and valuable information assets, instead of spreading its budget across all stored items regardless of what is important, can certainly help prioritize investments.

How can you develop different levels of cost, risk and value criteria? This is where the development of a recognized “Infonomics Maturity Model” in the industry would help.

Wrapping it Up

As mentioned previously, there are a number of clear benefits to applying information governance and infonomics principles within your organization, be they around risk mitigation, cost-saving or efficiency boosts. But without a recognized approach and methodology companies need to figure out creative ways to apply them, one step at a time, through a series of small iterative wins, to progress and mature in their level of information economics maturity over time.

One of the first actions your company can take now is the creation of a unified inventory of all your information assets wherever they reside. Information Discovery, Inventory and Cataloging tools such as everteam.discover can certainly help you pave the road towards the right direction.

Want to learn what everteam.discover can do to help your organization get on the path towards information asset management? Request your customized demo today.