In an ongoing series of articles, The Content Group tackles burning questions from the world of knowledge management. This week, Alison North, chief consulting officer at TCG, looks at who within the organisation should be responsible for information governance?

The short answer is everyone, the challenge is that not many people know exactly what those responsibilities are and even if they do they are not too sure how to include them in their day to day work. The first real question to ask, however, is what does information governance mean to the organisation? My quick answer is that “information governance is the ‘way’ you handle information in accordance with those policies, laws, regulations and practices that rule your sector”. This ‘way’, in turn, has to be placed within the context of your business strategy and the processes that deliver ‘the goods’ or outputs.

Figure 1 shows Information governance at the heart of the business strategy and, linked to Figure 2, it shows it is part of the overall information strategy coming from the business strategy and including its siblings information management, that includes records management and disposition as well as knowledge management; information technology, that includes infrastructure and tools; and, information assurance, that includes risk and security as well as integrity and accuracy of the information.

But it is people that are responsible for information not diagrams and strategies and only people, even if they are assisted by technology, can apply policies if they are aware of them and they can be understood. One of the most oft repeated sentence I hear in offices is, “why did we not know about this ‘xxx’ policy, it would have saved so much time and confusion had we been told?”

Communication on policy within all organisations is poor. Consistency and alignment of policies across the whole business are rarely addressed. The templates may look the same but the content contradicts and confuses the staff. Take, for example, a retention policy, which might be called disposition, data, document, archive, records management or information governance policy to name but six alternatives. What does it cover; who wrote it; who is responsible for delivery of it; who updates it; who checks if it ‘overlaps’ with other policies; who audits the compliance with it internally; who implements it; who knows about it? Development of a policy in one corner of a business that relates to the whole of the business should be communicated to, and clearly understood by, the whole of the business and in many cases, if it relates to information governance, its suppliers should also be told.

So who is responsible for an information governance policy? It emanates from the top and cascades through the business. The people responsible for the drafting of the policy must have knowledge of the processes within the business and should also be able to deliver the advice and guidance on the internal compliance with the policy and a clear structure of who is responsible for the delivery and implementation of the policy, in the various units. The release of the policy should not come as a surprise as news of its birth should have been communicated the moment the first words were drafted, allowing comment and contribution from all quarters. This early communication will allow those responsible for connected or similar policies to ensure consistency not contradiction, and those charged with responsibilities that include information governance, time to comment and explain their needs.

But how do your people know that their responsibilities include information governance? Prior to such a heavily regulated business environment and a less litigious society, honesty, integrity, law abiding and transparency were taken for granted. We worried little about governance of information – it was contained on paper documents, in books and in journals. It was duplicated, yes, but not multiplied ad infinitum and littered across multiple computers, remote back-ups and in the ‘cloud’. We all understood the need to deliver, with the appropriate security, the most accurate and up-to-date information that we could.

We still do, and that is my point. We are all responsible and if we explain information governance in a consistent and simple way and provide our colleagues with guidelines and tools to assist them, then the mystery of information governance will be solved and the responsibilities will all fall into place.

Alison North is chief consulting officer at The Content Group. Establishing herself as a records management professional as the first woman to work on a North Sea oil platform in the 1970s, Alison went on to work worldwide developing information and records management systems. Leaving the oil industry in 1986, Alison set up her consultancy which became the Genuine Group. Establishing the company as leading experts in data retention and information governance, Alison merged her company’s unique offerings with The Content Group in 2011. Alison holds the IRMS Lifetime Achievement Award for her service to the industry over 40 years.