Whether you call it a strategy or a policy or indeed, a policy about your IG strategy, many organizations struggle to identify where and how to begin the process of creating one. What needs to be considered? Who should be responsible for the IG strategy? Where exactly, should you even start? Today we offer a brief summary of what an organization should consider when drafting an individualized solution for their organizations information governance.
While it is not quite like the question of which came first, the chicken or the egg, designing an IG strategy or policy does first require you to identify what type of data you have and where it is stored. If you want to apply a policy to something, it makes sense that you must first have an accurate understanding of what exactly it is you want to apply that policy to. Information governance can only be “governed” when you know what information you have to be governed. Makes sense when you think about it.
Therefore, the best place to probably start in terms of identifying your sources of data and information is with email. First of all, the volume of email is astronomical in our current business environment and likely you already have some understanding of where your email is stored. Often, email is one of the first evidentiary pieces of information called for in any court case. If you know where your email is stored, what your organization demands in terms of retention and have done an inventory of sorts to determine how much data you have in this category – then you can begin to define and devise a policy around its governance.
It’s likely that through the email identification process you will come to realize how many other types of data your organization has. Files stored on desktops, servers, USB’s and files that are stored on centralized servers – all need to be identified in order to develop, then put in place, an appropriate IG policy or IG strategy that addresses each. It’s important to remember as well that data is never stagnant and while this may seem counterintuitive (why put a policy in place if things are always changing) it actually reinforces all the more reason why you must enforce an IG policy: in our litigious environment, it important an organization is able to at least demonstrate due diligence in the application of any policy concerning the protection of its data. Even if it does change, if you can prove you are governing the maintenance of your data, it will help to prove intent to safely store and manage it vs. ignoring the importance or necessity of a strong IG policy in the first place
To summarize – a rose by any other name still smells the same. Whether a IG strategy or a IG policy, an organization must have one in place when it comes to IG Strategy and Policy and if you would like to learn more about how to initiate this process, contact FLEXIMATION today.
Share this information with your colleagues or send us your questions, comments and feedback to: mailto:email@example.com . Please click here to find more information about Altitude IG or on our web site www.flexnetsoftware.com . We look forward to answering any eDiscovery | Information Governance or IG Strategy questions you may have; Contact us at 1 (800) 263-8733