Information Governance Is


Over the last few weeks some pretty bright minds have been talking / writing about what Information Governance (IG) is and isn’t. Unfortunately, I couldn’t find the restraint to stay out of it. To get some of the background of what’s been going on, read a few posts from these guys (I don’t always agree with them, but I do have a great deal of respect for them and their smarts):

There’s also been a bit of a conversation going on on Twitter involving the folks mentioned above, along with Jeffrey Lewis, Ron Layel, Ron Miller, Bryant Duhon, et moi. Had I been prescient I would have captured / saved the stream and included it here. Oh well.

First things first … the definition of Information Governance I use is the one I wrote: “Information governance is all the rules, regulations, legislation, standards, and policies with which organizations need to comply when they create, share, and use information.

The thing to remember about IG is that it’s really about policies that put constraints and roadblocks in the way of working with information.  Implementing the policies, via procedures, is where value gets added; using the right technologies helps take the burden off of people. Information Governance without appropriate procedures and tools is just not going to work. Don’t even bother to try.

I am definitely in the camp with those who view IG as an overarching thing that covers a vast array of disciplines that determine every aspect of managing, using, storing, sharing, and disposing of information. And therein lies the problem with IG; it is too broad to be of real interest to any single executive in the C-suite, unless that executive’s job is IG and only IG. That said, oversight for IG has to be centralized in order to be effective on a broad scale, and it has to be centralized in a manner that allows no bias.

Putting oversight for IG in the hands of the CMO, the CIO, the CLO, or anyone else in the C-suite, assuming they actually wanted the job, would likely end up biasing IG towards a specific agenda. IG implemented has to be good for the overall business. Granted, there are various drivers, but those drivers cannot be used as justification to sacrifice or jeopardize other business concerns. Does that mean we need a new title in the C-suite? Maybe, maybe not. Personally, I’d like to see the CIO role redefined on a global basis to be the information equivalent of the CFO and let the various disciplines report into it.

If an organization is a litigation magnet for sure that organization needs to do whatever is necessary to reduce the risk and the burden. But it can’t be done in a way that compromises business effectiveness of other parts of the organization. The policies need to be implemented via procedures and tools that support the business moving forward. There is no legitimate reason that one cannot implement litigation risk mitigation that also benefits the rest of the organization. The immediate need may be related to litigation, but the long play has to be holistic. By the same token, getting field manuals to engineers cannot expose the organization to unnecessary risk or exposure.

During the past few weeks there was also talk about splitting out Information Governance and Information Management. The short version is that governance is the policies and management is the procedures. I don’t think that there’s anything wrong with splitting things out like that, but does it make a huge difference when trying to convince clients or execs about the need for governance? I’ve been guilty of using the terms interchangeably, but I’ve made progress so I don’t care. The fact is some of my clients get the shakes when I mention IG, but they’re cool when we talk about IM. The end result is the same except that I have not “educated” the client about the right terminology. Again, who cares? My clients don’t hire me to teach them the right terminology so that they can sound hip when having beverages with the IG illuminati; they hire me to solve problems or leverage information better.

I really like Barclay’s sentiment: it doesn’t matter what you call it as long as the concepts are understood and progress is being made. Ultimately, that’s the bottom line.

We can bang on all we want about IG vs IM or whatever, and continue to struggle to get buy in and move things forward. Or, we can compromise our principles a little (it’s not like it’ll matter in the long run anyways) and focus on telling clients, sponsors, and executives what they need to hear in a way they understand, are comfortable with, and ultimately buy into. As long as I do right by my clients, I personally don’t care whether we call it IG or IM. We can have the philosophical conversations next time we’re gathered at some conference and it’s only us nerds talking.

During the Twitter conversation, Ron Layel asked me if I thought that information is the currency of business. I don’t think so. If an organization has a bunch of cash sitting in the bank, idle, the cash doesn’t expose the organization to risk, and it appreciates in value. If information is just sitting around, it potentially causes risk, and has no value. Information accumulates, morphs, and transmogrifies too fluidly to really be considered currency. To be sure, businesses couldn’t run without information or currency, but unlike information you can fake currency (think about letters of credit, loans, debentures, IPO’s, etc.).

One last little point … peeve, actually … there are vendors out there (hardware, software, services, associations) that tout themselves as Information Governance vendors. They’re not. They may solve portions of what IG is, but they don’t do it all.

From the Podium – My Perspective on AIIM and ARMA Canada Conferences


PHIGs God Cow

On June 10th I presented, for the third time, at the ARMA Canada regional conference. Earlier this year, in April, I presented for the first time at AIIM’s annual conference. The experiences were both positive, but very different. This post isn’t really about those experiences; it’s about a comment I received on the evaluation forms from my ARMA Canada session.

The comment was that I was “preaching to the choir”. Uhm, yeah, I was. The topic of my session wasn’t related to the “why” of information governance, it was about a variant of how to do it. I’d fully expect that the session would be attended by people that already understood why information governance is necessary. That said, I fully agree with the sentiment.

Whether it’s at industry conferences, at vendor events, at analyst events, or on online communities, we (IG / IM practitioners) do spend a lot of our time preaching to the choir. But, it’s not always our fault. And I’m going to keep my focus on conferences …

Pick a conference you’re fond of attending, go back over the last few years’ agendas and pick out what’s really fresh/new/exciting year after year. Not much, really. Even at a single conference you can see tons of repetition, albeit using different PowerPoint templates. So, what are we going to do about it? My guess is not very much, but here’s a few suggestions anyways.

Presenters need to give themselves a kick in the hindquarters to get out of their comfort zones. I’ve got my topic for this year, but I will go on to something different next year, or I won’t bother to submit a proposal. Here’s a thought … try something new that doesn’t just address the latest SharePoint release or, if you’re a vendor, the latest version of your product (new branding doesn’t count).

Attendees, you need to get active in conference planning and let the organizers know what you want to hear and see. I know that some of you are there primarily for the networking opportunities and vendor swag, but the sessions can be pretty useful too. In order to make them useful you need to jump in and provide direction. Here’s a little secret … YOU’RE PAYING THE FRICKIN’ FEES YOU ARE THE FRICKIN’ CUSTOMER!!!

Conference organizers need to do a better job of screening and selecting content. Before you slit my throat, I do appreciate that your lot isn’t easy, and you really do a pretty terrific job. I do realize that it’s not easy to get people and organizations to show up and speak for however long you need them to. But, I’d rather see a two day conference with stellar content, than three days that includes some pretty mediocre content. If you’ve got one session that addresses “the state of IM in 2020 and beyond”, you really have more than enough.

As for getting people not in the choir to attend … I don’t know. But I would start with making sure the content to be presented is appealing to them. When was the last time you heard a CMO say “I am so gonna attend that session on managing documented images as records in SharePoint 2013!”? I’d love to see more attendance from IM beneficiaries instead of practitioners.

As for comparing my AIIM experience to the ARMA Canada experience … sorry AIIM, ARMA Canada wins by a landslide because the session was way more a discussion than a lecture. And the credit for that goes to the 39 people that came out at 8:15am (though some did linger a bit over their breakfast). So here’s my proposal for next year’s AIIM conference: I’ll put up a slide with my contact info only. I’ll field questions, challenges, comments from the audience and we’ll all have nice chat for 25 minutes or so. We can call it IM Improv. Deal? Oh, I’ll also try not to step off any stages this time. :-)

To those in the audience being critical – if you do it the right way, I appreciate it because it makes me better the next time. My contact info is included on every slide deck I use; call or email me to offer criticisms and suggestions. I received some criticism after my AIIM presentation and used it to make my ARMA Canada session, I hope, better. As long as you’re not just being mean I’ll use the input to improve.

Lastly, to those of you sitting in the choir and not singing, get up on stage and join us. I’m certain you’ve got stories, wisdom, and experience that we could all benefit from. The experience is always rewarding, whether it’s by making new connections, learning something, or seeing that “aha” look on someone’s face. It’s hard work and can be nerve-wracking, but it is so worth it.

Internet of Intimate Things


Last week I read this news story about vaginal rejuvenation surgery very closely (time wise) after seeing some Twitter items about the Internet of Things. I’m one of these people that draws mental connections between things, but I also tend to have a very juvenile sense of humour (there’s a horny adolescent lurking in here somewhere). Of course, I naturally thought “Hey! Marital aids should be connected to the internet.”

Now, I’m not 100% certain, but I’m pretty certain that there’s a few OBGYN’s out there who could team up with some sensor manufacturer and an adult toy manufacturer to build a marital aid that could measure what’s measurable and significant in helping to diagnose women’s health issues, then hook it to the web and send the stats (properly secured) to healthcare providers. Up the creep factor a bit and you’ve got some pretty intimate, 1-1 advertising opportunities there, too. I’m not certain that’s a good idea, though. Remember the retailer that told some teenager’s dad that she was pregnant? That didn’t go so well.

Scales, electric toothbrushes, thermometers, ear wax vacuum-sucker things … If / when connected to the internet, any of these things that many of us use on a daily basis open us up to truly helpful yet intrusive interactions. I don’t wanna be on my scale and receive ads for some weight loss clinic.

Anyways, what started out as a puerile dirty joke kinda got me thinking …

Samsung’s latest offerings (phone and watch) include a heart rate monitor. Could you hook it up like GM’s OnStar and contact emergency services if there’s a sudden change in BPM? Sure. Hell, combine it with the pedometer function and get some advice and ads targeted to your running goals / achievements.

Walk into any number of retailers today and they offer free wifi, distribute iBeacons, and track your every move through the store.  Linger too long near the heartburn medicine then head to deep-fried, spicy goodness? Get a message telling you to head to fruits and veggies instead.

It’s easy to envision the day when you’re watching your smart TV, wearing your Google glasses and you suddenly receive a message from Health Canada or some political party, based on your programming choices and number of hours sitting on your duff.

My point is that there are endless possibilities and opportunities to positively impact the quality of life for all of us, by making use of technology (the devices and the data). On the other hand, how intimately do we want to be monitored and marketed to? Are we okay with having our intimate, personal, private moments being leveraged to sell us something or to advise us to take a certain course of action? How far is too far?

We bitch and moan about privacy but we demand immediacy and relevance from those selling and serving us. Personally, I’m sort of okay with being “advised” by brands when I’ve opted in. I’m not certain I’d be too cool with walking into an adult emporium and getting suggestions based on previous boudoir activities.