Information Governance in Business - Coursework Example

INFORMATION GOVERNANCE IN BUSINESS of the of the Introduction This study shall represent information as the most valuable asset of a business organization. Information is usually considered to be third capital asset of an organization and it holds same level of significance such as human resources and financial capital. Information governance has evolved as a new concept in the recent years. This concept considers information as a strategic asset. It helps in formulating new strategies as well as plays a key role in sustaining business position. Business value is eventually maximized through the approach of information governance. Information governance is associated with enhancing business value, decreasing ownership cost of managing wide base of information, and simultaneously protecting security, facilitating compliance and managing high level of risks. The term governance is common within all business organizations. It is closely knitted with activities undertaken by board of directors so as to address stakeholder’s interests. Governance is all about controlling or regulating management behaviour, which further helps in execution of day-to-day operations. Information and communication technology area also now focuses on the concept of governance. This concept enables an organization to protect information from external threats. Information technology system is a part of corporate governance discipline. It also comprises of risk and performance management. Information governance is gaining importance in recent scenario due to increasing compliance initiatives and transformation of IT into strongest pillar of large scale business operations. Information technology infrastructure supports an organization in terms of addressing its set objectives and strategies (Tallon, Ramirez and Short, 2015). Digitized data can be easily accessed across organizational boundaries and this has led to organizations adopting security measures in order to protect confidential information. Decision making rights and rules are encompassed within information governance. This approach relates to distribution, valuation, collection, storage, creation, control and usage of information. In this particular study, importance of corporate governance will be considered along with its implications for individuals and organizations. Why Information Governance There is increasing interest towards usage and protection of information. Business leaders state that organizational success is dependent on acquiring, controlling and securing obtained information. Information is becoming important for businesses since it helps to formulate corporate strategies. The term ‘information explosion’ is widely known across business sector. Advanced technology forms the basis of information explosion. There are many established organizations which are data driven. Organizations like Sony or any retail firm relies highly on wide set of data. This information not only ensures effective decision making process but also contribute in day-to-day operations (Wacks, 2010). There are billions of people who use Sony mobile phones and continuously exchange information amongst themselves. Information growth is triggered as individuals become more literate. Adult literacy rate as per UNESCO statistics has increased over the years and by the end of 2015 majority percentage of children shall be literate. Figure 1: Adult Literacy Rate (Source: UNESCO, 2014) According to figure 1, there has been gradual increase in literacy rate across the globe. This is directly linked with increasing concern towards information security. Individuals who are literate can easily access wide range of information. Digitized information which is currently available leads to information explosion. The amount of data being created or transmitted has increased in current scenario. This is simply because of greater dependency of individuals on digital information. Millions megabytes of information is produced by a small business firm annually. Information creation includes downloading files, writing emails, entering information in Word files, etc. This information being created is either stored in computer systems or is moved across Internet or mobile networks. The size of storage chips or computer storage space is doubled with increased usage of digital information. Emergence of information governance is deeply rooted with the concept of privacy. Privacy can be defined as securing relationship of an individual with external society (Beath, Fernandez, Ross and Short, 2012). Recent business methods or inventions have outlined the new right –“to be let alone.” United States have earlier passed bill of rights. As per this right, no warrants shall be issued against people who are exhibiting unreasonable searches as long as they do not violate information. In current scenario Internet is used for everything possible and this has led to privacy in digital age. On the basis of this approach, one believes that his or her every move on digital platform is being watched. ‘Right to Forget’ is closely associated with this form of privacy in digital era. As per Court of Justice in European Union, individuals do possess certain fundamental rights whereby they can command Google to eradicate certain results concerning them (Benkler, 2006). After this bill was passed, search engine had to accept request of individuals to remove specific information and they were allowed to display only certain information which holds public interest. There were a total of 778,265 URLs which have been evaluated and eliminated by Google. Google has even received requests of removing links of various financial crimes. The company has not eliminated such links which is beneficial for public. Privacy controls also plays an integral role in Facebook. This form of privacy governs the entire operational framework of facebook as stated by Zuckerberg. The major challenge brought forth by technology is information breach. It has been difficult to sustain compliance with large base of individuals interacting daily with information. People using advanced technology devices have recently increased and this provided immense opportunities to hackers. Information governance is required because it helps to distinguish between what information is required and what is not essential (Wacks, 2010). This framework portrays reliable information which can be trusted by organizations so as to undertake key decisions. There are three main problems with information governance such as problem of poor guidance, privacy issues and breaching of personal information or leakage of confidential information of an organization. What Information Governance Information governance is considered to be a strategic alternative, where focus is on creation, finding, usage, exchange of information and is not only inclined towards production of information. Information governance model was structured against some basic models of compliance, risk and governance. The concept of information governance evolved as a collaborative approach in order to manage information throughout its lifecycle. There are some common business activities based on information management such as records management, knowledge management, document management, information security, enterprise content management, storage management, library services, data privacy management, information risk management, customer relationship management, web governance, etc. Records management is not the only area of concern but other risks related to information also needs to be handled efficiently. When information governance is aligned with compliance and risk it tends to enhance program visibility. Information governance as a discipline has evolved in recent decades due to strict legislative framework. This concept was able to address the need of eradicating information management challenges (Benkler, 2006). Information governance forms a vital component of corporate governance. There are three types of corporate governance structure such as information governance, data governance and information technology governance. Different information governance models are available to measure and assess governance maturity and information management. Certain principles exist which are responsible for governing records and information management standards. These principles are compliance, transparency, accountability, protection, availability, disposition, integrity and retention (Abu-Musa, 2010). Each of the characteristics is applicable for specific level of maturity. These maturity levels are in development, transformational, essential, proactive and sub-standard. The entire structure of information management has been well represented in figure 1. Figure 2: Information management structure (Source: Tallon and Scannell, 2007) This particular model outlined in figure 2, has been further modified by incorporating components of compliance, security risks and privacy. Information lifecycle management model is developed by IBM in order to highlight various aspects of information governance. The major categories of this model are organizational awareness or structures, policy, compliance or data risk management, stewardship, value creation, data architecture, information security, metadata and classification, data quality management, audit information, information lifecycle management and big data (Smallwood, 2014). The governance model is demonstrated in figure 3. Figure 3: Governance Model (Source: Hagmann, 2013) As per figure 3, this governance model denotes effective management to be summation of information asset value and legislative duty. On the basis of this model, it can be stated that information governance revolves around three components such as duty, value and asset. Duty mainly resembles legal obligation. This outlines specific information which is used by organizations within information technology framework. Value is related to business purpose or utility that gains significance in case of specific information. Asset is specific information that is required by business organizations to formulate innovative strategies (Lemieux, Gormly and Rowledge, 2014). The information management cycle represents the entire procedure which is followed by business organizations to efficiently handle wide set of information. Figure 4 portrays the information management cycle. Figure 4: Information management cycle Organizational functions or capabilities are represented in terms of information which is then processed efficiently in order to deliver required outcomes. The need for information facilitates an organization to acquire information. This information is then stored by an organization so as to meet set goals or objectives (Tallon and Scannell, 2007). The stored information is later distributed throughout the organization. Information is finally used by all team members and necessary changes are then incorporated in overall behaviour. The importance of information governance emerged when information was started to be treated as a valuable resource. Data governance is related to minimizing costs and efficiently utilizing resources. Organizations recognize the need for storing data and consider good data to be most valuable asset. Businesses have to own data so as to facilitate data leverage. It is essential that the entire process is managed efficiently from where data is sourced. Organization wide governance structure is enabled through adopting information governance framework. Information governance has some key principles to follow like executive sponsorship (Hulme, 2012). Sponsor is given responsibility to eliminate all possible obstacles related to information governance. Secondly, communication and development of information policy are in context of social media, instant messaging, e-mail, mobile computing, cloud computing, internal sites posting, etc. These policies are basically framed by consulting stakeholders. Information integrity is another principle of information governance. It is about giving assurance that data is authentic, accurate and correct. Information organization is about scheduling information in appropriate formats and then transmitting them as and when required. Standardizing formats are maintained throughout organizational system (Khatri and Brown, 2010). Information or records are categorized so that they can be accessed easily and retained within the system. Information security is an important principle of information governance. There are three stages in which information can be secured such as at rest, while using and when information is in motion. Information control states that reports or documents have to be assigned properly in order to retain them for longer time period. This kind of information retention needs to comply with regulatory framework and legal retention periodic structure. Information auditing and monitoring is a key aspect of information governance. Policies are undertaken by organizations in order to evaluate compliance level of team members. This in turn helps to monitor information which is being used in the system. Stakeholder consultation is an essential component when it comes to formulating information governance policies. Those individuals who are closely related information are the ones who know importance of managing information efficiently within organizational system. All business units are generally consulted while developing information governance policies (Kooper, Maes and Lindgreen, 2011). Continuous improvement is one of the critical factors in information governance. Information governance programs are not regarded as one-time program but are an ongoing process. They are reviewed in due course of time so as to eradicate all possible gaps. This even includes any form of changes within technological usage, business strategy and business environment. Record keeping policies of an organization are firstly scrutinized and later new policies or procedures are incorporated so as to secure wide set of information. How Information Governance Information governance structure plays a significant role in development and retention of valuable information. Information lifecycle management is an innovative strategy which is used to align information technology infrastructure with business environment. There are four different aspects of this model such as ILM stage, information value, storage architecture and storage issues or concerns. Figure 5: Information lifecycle management (Source: Tallon and Scannell, 2007) As per figure 5, information life cycle management stage indicates the type of storage architecture or storage concerns that needs to be taken into consideration by an organization. All the stages of this model are required in order to manage information (Rolfe, 2015). National Health Service has been able to develop appropriate information governance structure. The national standards of NHS are currently being modified in order to address set objectives. These standards are related to information provision available to patients, information confidentiality or security, record management and information quality. The information governance policies of NHS encompass clinical care values. These values are basically in terms of good quality records, improved standards and reliable information. Credible information denotes efficiency level of clinical care processes. Governance approach of NHS aims to establish a linkage between standard approach and individual governance initiatives. The key governance initiatives are specific governance responsibilities undertaken by NHS staff, reduced litigation bills and incident rates, NHS systems’ integration, partnership of trustworthy information and development of performance indicators. Information governance is not just a framework for NHS but it is rather a comprehensive approach to develop interdependencies between clinical and corporate governance. The high level objectives of such governance structure are well represented in figure 5. Figure 6: IG objectives of NHS (Source: Donaldson and Walker, 2004) The high level objectives of this organization can be categorized into five aspects. These aspects are Held, Recorded, Obtained, Shared and Used. It is also denoted as HORUS approach. There is flexibility within information governance structure of NHS organizations. This helps to monitor effect of initiatives being undertaken by an organization. NHS has set plans for modernizing its information technology infrastructure. There are certain factors which should be delivered by NHS governance framework. They are standards, arbitration in context of deciding information ownership, extended support for organizations which work within governance framework and regulation exhibited through performance monitoring. Governance programs are structured as per local needs of NHS organization (Smallwood, 2014). These programs are based on reporting requirements of NHS organizations and should be well aligned with Controls Assurance. Corporate policies are to be followed by NHS organizations which are framed by top management. A wide range of policies are covered such as data protection, record management, information security management, data quality and confidentiality. The new policies which are being framed by NHS organizations shall consider factors like corporate scope, attainment targets, reporting structures, accountabilities, job roles, protocols or standards, human resource policies, effectiveness of monitoring arrangements, etc. NHS organizations are also planning to include central support services. This kind of support services shall facilitate helpdesk services particularly to NHS organizations. It would help in analyzing and monitoring effectiveness of strategic initiatives. Monitoring and validation of data shall enable NHS to meet future needs and develop necessary mechanisms to address such needs. Information governance can be considered as a combination of practices and capabilities (Donaldson and Walker, 2004). Practices are usually of three types such as structural, relational and procedural. Procedural practice is related to aging of information. It is based on cost management, information valuation, archival, data migration, cost recovery, etc. Bottom-up and top-down approaches are encompassed within procedural practices. Structural practice is all about setting locus of decision making related to information technology. Other high level of monitoring groups is also included in this practice. Relational practices are inclined towards knowledge sharing, conflict resolution and education. Implications for Organizations and Individuals Information governance is required to control and manage information. This control is necessary so as to ensure that stored information is not violated. Regular compliance and lower risk levels are facilitated through information governance. This enhances accessibility and quality level of information. Information security measures are implemented to safeguard information which holds high business value for an organization. Information is third most valuable asset for a business organization. Corporate strategies are based on such collected information. Information explosion might lead to ineffective strategy formulation. Information governance program is beneficial for organizations. This structure helps an organization to easily locate complete and productive information. Standardized format is developed through corporate governance framework. The corporate taxonomy format encompasses common terms, hierarchical relationships and document types (Smallwood, 2014). Information erosion can be well addressed through information governance. When an organization relies on its information base it has to undertake appropriate security mechanisms. Information misuse can be stopped only on the basis of information governance (Tallon, Ramirez and Short, 2015). Data breaches are also stemmed with the support of this innovative technique. Often organizations witness data reliability issue. There are circumstances when it becomes difficult for organizations to choose amongst available information. Confidence level in context of information management is enhanced through this information governance structure. This structure provides reliable information to organizations which can be used to address short term as well as long term objectives. Hence information governance does not only give assurance to organizations but also facilitates validity, quality, integrity and accuracy. Sustainable competitive advantage can be accomplished only through information governance. It supports an organization to access wide set of information and utilize most essential one (Abu-Musa, 2010). Information cannot be controlled in absence of such framework. In case of individuals, only limited set of information is accessed but large volumes of data are handled in business organizations. Later thus require a regulatory framework to check inflow and outflow of information. Conclusion This paper has clearly revealed various aspects of information governance. Importance of information governance within organization has been mentioned in this paper. There are three parameters addressed in the study such as – why information governance is required, what is information governance and how it can be implemented within a system. At the end of the study, implications of this kind of framework are also mentioned. Information explosion resulted due to increasing percentage of literate people. There are large volumes of data being created and transmitted by individuals annually. Exploitation of information has led to increased need towards security measures. Information governance facilitates usage of information with confidence along with retention of competitive advantage. An intelligent organization is totally based on the concept of information governance. Information governance encompasses the approach of IT governance, which in turn includes the structure of data governance. Information life cycle management portrays certain stages through which data can be managed. References Abu-Musa, A. (2010). Information security governance in Saudi organizations: an empirical study. Information Management & Computer Security, 18 (4). Beath, C., Fernandez, I. B., Ross, J. and Short, J. (2012). Finding value in the information explosion. MIT Sloan Management Review, 53(4). Benkler, Y. (2006).The wealth of networks: how social production transforms markets and freedom. London: Yale University Press. Donaldson, A. and Walker, P. (2004). Information governance—a view from the NHS. International Journal of Medical Informatics, 73(1). Hagmann, J. (2013). Information governance – beyond the buzz. Records Management Journal, 23 (3). Hulme, T. (2012). Information governance: sharing the IBM approach. Business Information Review, 29(2). Khatri, V. and Brown, C. V. (2010). Designing data governance. Communications of the ACM, 53(1). Kooper, M. N., Maes, R. and Lindgreen, R. (2011). On the governance of information: Introducing a new concept of governance to support the management of information. International Journal of Information Management, 31(1). Lemieux, V. L., Gormly, B. and Rowledge, L. (2014). Meeting Big Data challenges with visual analytics. Records Management Journal, 24 (2). Rolfe, O. (2015). Information governance for enterprise social software. Business Information Review, 32(1). Smallwood, R. (2014). Information governance: concepts, strategies and best practices. Hoboken (NJ): Wiley. Tallon, P. P. and Scannell, R. (2007). Information life cycle management. Communications of the ACM, 50(11). Tallon, P.P., Ramirez, R. V. and Short, J. E. (2015). The information artifact in IT governance: toward a theory of information governance. Journal of Management Information Systems, 30(30. UNESCO. (2014). EFA global monitoring report – 2013–2014. Paris: UNESCO. Wacks, R. (2010). Privacy: a very short introduction. Oxford: OUP. Read More