By Benjamin Robbins, eDiscovery and Information Governance at LinkedIn.
Information Governance initiatives are notoriously complicated programs to launch and successfully institute. This is often the case due to competing priorities, complicated cost benefit analyses, and the need for long-term oversight. Governance initiatives that produce a soft return on investment are easier to deprioritize when pitted against projects with clear gains for the organization. Additionally, executives may find it difficult to justify the operational overhead associated with the implementation of a governance program that could slow productivity or cause more harm than good if executed poorly.
Despite these realities, the necessity of establishing a governance program remains critical for proper information risk management, privacy control, and securing sensitive content. The longer an organization waits to manage information, the higher the likelihood for department segmentation, unknown repositories, legacy systems, and inefficient business processes to manifest, the natural consequence of which is a proliferation of sensitive, duplicate, obsolete, and/or transitory discoverable content.
The approach to a governance program can be simplified into a tactical roadmap based on the goals an organization seeks to accomplish. Of course, a prerequisite to any plan within an organization is executive sponsorship and buy-in. Upon executive approval, an organization should first establish a realistic records policy to enforce retention schedules, support a data classification table, and define roles and responsibilities for a steering committee. In order to create a retention schedule, partners within each business vertical should be identified who can provide transparency into record types, systems, and where information resides. Below are some general considerations to keep in mind as a plan is executed:
- Pilot The Program. Start small by working with a department that either stands to gain the most from improvement of business processes, or that poses the largest regulatory risk. Working through the complications of identifying content types, storage locations, record origination, and risk profile will be complicated and assuredly will uncover other issues. Navigating through these complications will prove invaluable in planning for and working with other business units.
- Set Quarterly Goals. Identifying what can be accomplished per quarter can help set a cadence for evaluating progress. Each step of a governance execution strategy requires substantial legwork to enable advancement to the next step in the plan. It is inevitable that delays will occur and department priorities will shift, therefore, progress evaluation should be measured in reasonable increments to help maintain momentum and manage expectations.
- Avoid Over-Scoping. Many consultants, service providers, and law firms are gladly playing into the governance hysteria that has overtaken discovery and compliance forums. Proper execution of a governance plan can be complicated and time-consuming. As a result, assistance from an outside expert is often necessary. Internal diligence, planning, and goals should be fully evaluated so any external engagement produces impactful work product, as opposed to an overpriced bundle of material that cannot be operationalized.
- Select Governance (not e-discovery) Technology. To reduce data volumes and target relevant information, the e-discovery software industry innovated processing, assisted review, and early case assessment software capable of presenting data insights, categorizing, indexing, filtering, de-duplicating, and coding. These innovations are certainly imperative for document review, investigations, and risk scanning. However, these software types also constitute another costly expenditure that does not actually achieve an impactful long-term win for a governance program. It is, therefore, important to keep end-state goals in mind when considering different technologies and validating all potential technologies to ensure there have been comparable successes.
- Gather Requirements Early. Enterprise content management (ECM) software has historically been expensive, clunky, and inefficient. ECM software is a complex platform, requiring intricate customization to uniquely conform to each environment. For ECM software to integrate property, an understanding of each business unit's current and future state is necessary. To gain an understanding of each business unit's business processes, it is imperative to gather requirements early to understand what integrations will be necessary to achieve the goals of the governance program. One thing to keep in mind is that different departments will have individualized requirements based on their underlying systems. Therefore time is needed for intelligent procurements that meet the needs of each department in scope.
Governance program owners have to be strategic to efficiently implement a program often perceived as a costly and complicated long-term initiative. Moreover, the market is ripe with expensive technologies that either misbrand their products for governance purposes and/or fail to provide long-term solutions. Incremental successes will be won by working with business partners across the organization, setting realistic quarterly expectations, managing external assistance carefully, and selecting useful modern technology based on requirements that support the end goal of the particular organization.
Click here to download the ACC Docket article “Creating an ROI for Information Governance, with No Budget” by Linda G. Sharp, associate GC at ZL Technologies and an expert in the areas of information governance, management and eDiscovery, for further reading.