I have spent a lot of time reading feedback this week from our latest IBM Information Integration and Governance Forum events and they are quite interesting. As you would get with any audience, some think of it as too technical, while others not technical enough. So, that means we hit the right spot for the most part being in the middle. That however isn’t the interesting part, it is “as I expected”. What is interesting and I guess in many ways not surprising after speaking at many of these is the consistent comments about the growing desire to learn more about how to bring information governance to the forefront of their organization, how to sell it internally.
What are some of the comments? “Universally, organizations don’t know what data they have, we need to get a better handle on it to garner the value within it”. “It is hard to prioritize where our organization should begin: Lifecycle Management, Quality Management or Security and Privacy.” “Everything we do today is about integration and we require better governance to ensure we manage correctly”. “I would like to hear more about how others have built momentum for information governance within their organization?”
This leads me to the focus of today’s blog, how do you get the buy in internally to your information governance program. No, I won’t solve this issue with today’s blog, but hopefully can get the discussion rolling.
We need to start with some small successes to show that good information governance adds value to the organization and isn’t just another overlay big brother program. So, pick a project and start to apply the principles of governance to that program. Often people will ask me my opinion of the difference between information management and information governance. I generally sum it up like this: Information management is reactive putting something in place after a breach, after you cannot meet filing deadlines, after a lawsuit, etc. Information governance is proactively putting the processes in place (sometimes after one of these things) to ensure that you are prepared for what may happen. Yes a little simplistic, but I think also very true. This is why we need to be sure that your project is not though of as a one off, however, put the right policies or rules in place and continue to track and improve them over time. This is something that you will be measuring and looking at as the key driver to your governance program moving forward.
With policies comes measurement. You need to put strong measures and key performance indicators (KPIs) in place to show the effectiveness or lack there of and to understand where and how to improve. Don’t just put those metrics in place; communicate the heck out of them. Make sure the people know what is being measured, how it is being measured, the results of the measurements and how you are going to act based on the measurements moving forward. Process usually doesn’t fail because the process is bad; it fails because people don’t understand it and it isn’t well communicated. We need to have full disclosure to help build the momentum needed to drive the success of the program.
Gain executive sponsorship, but also build ground up momentum. Yes, have an executive sponsor is critical, as you need funding, guidance, support and even the ability to reward, but that alone will not lead to success. You need to have the buy in from the folks doing the work. Some of the myths I hear consistently about information governance include:
- Big brother
- More audits
- Extra overhead
- Reports, reports and more reports
- Yet another initiative driven by compliance that adds little value to me or the business
Well, some of these may be true in part, but we need to overcome them because this is not the reason for governance nor is it why we are doing it. We are putting the program in place to improve our ability to deal with the influx of information coming into our organizations. Without good governance, it is difficult to meet the business initiatives that are in place, comply with regulations and reduce overall business risk. But then again, does the “worker bee” really care?
What do they care about? On a personal level, over time, a good governance program can increase the “fun” work and reduce the tedious stuff. It can improve their insight into the overall objectives and therefore provide better feeling of value to the organization and prepare them for future initiatives before they are thrust upon them. AS far as caring about the company or organization, it can lead to better profitability, lower costs, reduced risk, higher levels of compliance and increased security. Is that enough to make them buy in, likely not, but it is a start. That is why we need incentives in place, executive support and I cannot say it enough, communication, communication, communication. We need to communicate the metrics, the successes, the failures and the value that the program is adding to the organization. Also, communicate the changes that are being made to policies and metrics based on learning. An information governance program needs to live and grow and that means show how it is evolving based on what is learned and grow through the roof.
I think this is enough for today, come check out the Information Integration and Governance Forums ibm.com/iigforum and talk to you next time.