IMPLEMENTATION OF AN INFORMATION GOVERNANCE PROGRAM

RC: In what ways has the nature, volume and importance of information produced by companies evolved over the years? How has the associated risk profile changed?

Van Gils: Since the industrial age, there has been a slow but steady increase in the amount of information that companies use and produce. While manual, and often ad hoc, information management processes were sufficient in the past, in the modern technological era this is no longer the case. The introduction of the computer has made it easier for companies to store and reproduce data, the web has made it easier to share data, and currently we are experiencing the effects of big data and the internet of things. Companies are increasingly dependent on data and information. Without these key assets, many industries would collapse. Accordingly, the risks associated with information have changed drastically, both in terms of probability and impact. Perhaps the most discussed example at the moment is the privacy issues that result from large scale combinations of social and big data. There is wide recognition of this fact, given the amount of legislation around information quality and governance, the attention for data and information management processes and discussions about information valuation in academic and professional literature.

Bhandari: Information has become multi-faceted and is generated across multiple systems. The ease of generating information has led to an annual growth rate of about 40 percent in the enterprise, according to IDC. The importance of structured and unstructured information in the organisation has also increased significantly in terms of business intelligence, operational efficiencies and regulatory compliance. It is for this reason that information needs to be proactively managed. The associated risk profile of the information landscape has changed dramatically in terms of the challenges of managing a growing volume of data across multiple applications. That challenge is exacerbated by the often marked absence of appropriately evolved information governance practices. Information is also increasingly shared with third parties, can be transferred and processed in countries outside EEA and hosted in the cloud, which adds complexity to control and security.

Jan-Mar 2015 Issue

BIZZdesign

EY

IBM Global Business Services (GBS)

Linklaters LLP

MetaGovernance Solutions LLC