Insights hero banner (short)


Bringing our best ideas and thinking to you.

  • Blog Post
  • Information Management
  • Information Management
  • Information and Analytics Consulting
  • Information Governance

Blog Post

August 25, 2017

Share this page:

Establish your Information Governance Foundation

By John Desborough

We are creating information at an unprecedented rate and most of it is unstructured. And this unstructured, and mostly unmanaged data sprawl, has become increasingly attractive to the unsavoury side of society.

Based on reports in the news, billions of data records were exposed over the last year in cyber attacks. If you talk to the firms involved in these breaches, many of them were not even aware of the amount of data that they held. Information governance, underpinned by strong security, is critical to keeping data sprawl in check and security threats at bay.

Kick start your review of your Information Governance by asking and addressing these three simple questions:

  • How are you employees and end-users working?
  • Where is your organization's information stored?
  • Do you have full control of that information?

For most organizations, email and email systems put tremendous amounts of valuable information at risk - most organizations use email as a content management platform. Seriously. Email is extremely vulnerable to external threats and yet many employees use email as the channel to share sensitive information. Even though you may have good protection on documents within the organization, as soon as someone sends the document outside you lose control.

You can shift your information governance into gear with four simple things:

  • Audit your information: investigate and understand the range of information that you have, what needs to be managed and where is it being currently stored.
  • Prioritize the information and the associated management processes: assess the level of risk - compliance risk, regulatory risk, reputational risk, etc.
  • Retain only what you really need to keep: what needs to be kept, for how long and accessed by which employees?
  • Review on a regular basis the information that you retain: pruning old information and data saves costs, reduces sprawl and limits exposure.

Life cycle management is an important piece of your Information Governance foundation - if you can automate it, you will find it easier to control your information estate. However, you will have to find the balance between making the information accessible to the right users, extracting actionable intelligence from the data and keeping it secure. This will help promote business agility and decision making while managing security risks with increased confidence.



John Desborough is a Director, Consulting and Technology Solutions at MNP. He is an accomplished business solutions program manager and business transformation architect with 30+ years in the information and technology consulting domain. John has extensive background in information/data management and governance with both public and private sector clients on a global scale. Drop John a line to discuss this topic in more detail: [email protected]