Introduction to Information Governance (IG) and Certification
Business leaders may be aware of the importance of information governance. But are they taking a proactive approach to implementing it within your organization?
Consider your company’s processes for your financial management and human resources departments. More than likely, these areas have processes in place to run your organization’s operations like a well-oiled machine. Do you have a similar process in place for governing your information assets? If not, this is where you, the information governance professional, come into the picture.
What is Information Governance (IG)?
According to Gartner, information governance (IG) is “the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information. It includes the processes, roles, policies, standards, and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.” Essentially, the critical component is to ensure the proper management, protection, and retention of information assets to accomplish its primary objectives.
Why is Information Governance Important?
Information governance is more important than ever due to the myriad of risks associated with business assets. These risks include the mishandling of data, attacks, the loss of information, and cybersecurity attacks from cybercriminals and foreign governments.
With endless volumes of data to manage, organizations face the tireless challenge to stay compliant with federal and state regulations. With some of the most noteworthy data breaches occurring in 2018, risk heightens as data volume increases yearly. Needless to say, information governance is crucial to business nowadays.
Tackling Information Governance
So how do you ensure your IG program is running well? More importantly, how do you know you’re addressing your organization’s needs while protecting its assets? Here are some tips to keep in mind when implementing your organization’s IG strategy:
- Don’t get lost in the details – With so many terms for information governance out there, such as data governance, records management, information security, etc., it’s easy to get sidetracked. Stay focused and don’t obsess over the terminology.
- Speak up – Your organization may already have information governance incorporated in its IT department. However, your business needs individuals outside of IT, like you, to execute a comprehensive IG program.
- Find the right framework – All businesses have different needs, so find a methodology that works best for your company. Additionally, promoting the program’s benefits helps to create buy-in from all team members.
- Cover all the basics – Consider the “who, what, where, when, how, and why” in all your business processes, keeping in mind vendor accountability. Remember to map out how the application accesses PHI and PII and who has access to it to determine gaps.
- Make IG part of your infrastructure – An all-hands-on-deck approach is essential to implement your IG program and get the needle moving. From onboarding, employment, evaluations to exits, be sure to infiltrate information governance in your employee lifecycle and business processes.
- Keep testing – External testing of your network identifies opportunities for improvement and areas exposed to potential risk. With the ongoing measurement of your IG policy, your company will avoid noncompliance and costly legal fines in the long-run.
- Take the lead – When it comes time to implement your IG strategy, lead by example to show others your commitment to the program’s successful rollout. After all, you play an essential role in helping it reach its full potential.
By becoming a certified information governance professional (IGP), your career and organization will benefit substantially. Not only will your company be assured your practitioners, vendors, and consultants are aware of IG best practices, but that the vital components are present to develop and maintain an effective RIM program.
There are several certifications available, so it’s important to choose a certification that meets your organizational needs and goals. Further, you may pursue multiple certifications to expand your knowledge of IG. Some of the most popular industry certifications include the following:
- Information Governance Professional (IGP) by ARMA International
- Certified Record Manager (CRM) and Certified Record Analyst by the Institute of Certified Record Managers (ICRM)
- Certified Information Professional (CIP) by AIIM
- Certified Information Privacy Professional (CIPP) and Certified Information Privacy Manager (CIPM) by the International Association of Privacy Professionals (IAPP)
- Certified Information Systems Auditor (CISA) by ISACA
- Certified Archivist (CA) by the Academy of Certified Archivists
- Certified E-Discovery Specialist (CEDS) by the Association of E-Discovery Specialists (ACEDS)
- Certified Information Governance Officers Association (CIGOA)
Lastly, it’s worth noting some associations offer certificate programs. Certificate programs are more accessible to complete and don’t require continuing education. For any professional looking to become a key player in your organization’s information governance, becoming certified is the ideal way-to-go.
Outsourcing Your Data Governance Needs
Implementing an information governance program in your organization can be an extensive task to take on. By partnering with a professional information management provider to outsource your records retention requirements, you’ll be enabled to stay on task with your company’s data governance objectives.
At Vital Records Control, we’re here to help you with all your governance and records retention needs. From document storage to document destruction, we design a customized solution to manage your information assets throughout their life cycle with your organization’s goals in mind.
About the author:
Andrew Ysasi, MS, CRM, FIP, CIPM, CIPP, CISM, PMP, IGP is the Vice President, Advocacy of Vital Records Control, and President of IG Guru®, an IG news organization to ensure relevant IG news is shared with the IG community.