Recommind has released the findings of independent research into policies adopted for Information Governance (IG) in the United States and United Kingdom. The surveys were designed to discover what companies currently have in place to govern their growing data reserves and determine if these practices are effective at mitigating risk and compliance issues.
Information Governance is a cross-departmental approach to optimising the value of information while simultaneously managing associated risks and costs. In the UK, 75% of organisations claim to have a policy in place to manage their data, and almost half (49%) rely on end-users to self-categorise their own information. Findings from the US show that 58% claim to have an IG policy in place, and 64% say that their practices are only ‘somewhat effective’ and over half (52%) rely on end users to manage their own data.
Dean Gonsowski, global head of information governance at Recommind, comments, “It is this over-reliance on employee based governance that is giving organisations a false sense of security. While it’s positive that organisations recognise the need for information governance, many are still not taking the requisite steps to truly govern their information in a proactive manner. In fact, many are still in the dark about governance and don’t have a full sense of the data deluge they are currently facing.”
While companies clearly understand the risks posed by their information, many are over-reliant on employees to manage their own data, and most are not tackling the issue head-on to proactively reduce risk. Of the US organisations that were surveyed, 82% agreed that some form of auto-categorisation and tagging of data is a key component of effective information governance and 86% agree that auto-categorisation needs to be based on content not just keywords.
Of the UK organisations surveyed, only 24% know how much data their company holds and it takes an average of three hours for employees to retrieve specific information – this is before they are able to begin managing and analysing this data, as well as understand the risk it holds.
Gonsowski adds, “Systems and tools are now available that can drive auto-categorisation of data coherently and comprehensively, removing reliance on individuals and eliminating the inherent inefficiencies. These technologies tackle large data volumes across systems and geographies, examining unstructured as well as structured data, all while giving companies better precision and recall. Enterprises are increasingly turning to data management tools and services that provide rapid indexing, search and granular categorisation capabilities to ensure measureable information governance.”
In addition to helping organisations proactively mitigate risk, information governance also enables businesses to respond quickly and accurately when faced with eDiscovery requests. In the US, 86% of respondents agreed that such a robust information governance program would reduce eDiscovery risks and 73% said it would reduce eDiscovery costs. Additionally, 55% felt that such processes would reduce the amount of organisational data.
Attorney David Horrigan, an information governance analyst at 451 Research suggests, “As businesses store and hold more information across different systems, platforms and jurisdictions, they are leaving themselves open to legal liability and business risk. There is a massive gulf between what companies are doing and what they should be doing in order to keep their data safe, yet accessible. Businesses must move to an automated process that manages all enterprise information and ensures the right data – and only the right data – is kept for legal, regulatory and business requirements.”
Horrigan concludes, “Not having a proactive IG policy leaves companies open to substantial fines, litigation risk, security breaches and compliance issues. This research shows that there are still too many organisations exposed to these unnecessary risks. Robust information governance principles, supported by proven technology, can help alleviate these concerns and increase efficiency, saving time, money and resources.”