Question

Principles and characteristics of a successful IG program. Please identify these Principles and select one that you feel is the most important and explain, in your own words, why you feel this principle is the most important.

Answer 1

important principles and characteristics of successful IG program :-

1) Information integrity. This area considers the consistency of methods used to create, retain, preserve, distribute, and track information.good IG practices include data governance techniques and technologies to ensure quality data. Information integrity means there is the assurance that information is accurate, correct, and authentic. IG efforts to improve data quality and information integrity include de-duplicating (removing redundant data) and maintaining only unique data to reduce risk, storage costs, and information technology (IT) labor costs while providing accurate, trusted information for decision makers.

2) Information policy development and communication. Clear policies must be established for the access and use of information, and those policies must be communicated regularly and crisply to employees. For instance, policies for the use of email, instant messaging, social media, cloud computing, mobile computing, and posting to blogs and internal sites must be developed in consultation with stakeholders and communicated clearly. This includes conveying clearly to employees what the consequences of violating IG policies are.

3) Information organization and classification. This means standardizing formats, categorizing all information, and semantically linking it to related information. It also means creating a retention and disposition schedule that spells out how long the Information (e.g. e-mail, e-documents, spreadsheets, reports) and records should be retained and how they are to be disposed of or archived. Information, and particularly documents, should be classified according to a global or corporate taxonomy that considers the business function and owner of the information, and semantically links related information. Information must be standardized in form and format.

4) Information security and privacy.  It deals with means implementing measures to protect information from damage, theft, or alteration by malicious outsiders and insiders as well as non-malicious (accidental) actions that may compromise information. For instance, an employee may lose a laptop with confidential information, but if proper IG policies are enforced using security-related information technologies, the information can be secured. This can be done by access control methods, data or document encryption, deploying information rights management software, using remote digital shredding capabilities, and implementing enhanced auditing procedures. Information privacy is closely related to information security and is critical when dealing with personally identifiable information (PII), protected health information (PHI), and other confidential or sensitive information.

5) Information accessibility. Accessibility is long-term digital preservation (LTDP) techniques . Accessibility must be balanced with information security concerns. Information accessibility includes making the information as simple as possible to locate and access, which involves not only the user interface but also enterprise search principles, technologies, and tools. It also includes basic access controls, such as password management, identity and access management, and delivering information to a variety of hardware devices.

6) Information control. Document management data management, and report management software must be deployed to control the access to, creation, updating, and printing of data, documents and reports. When information is declared a business record, it must be assigned to the proper retention and disposition schedule to be retained for as long as the records are needed to comply with legal retention periods and regulatory requirements. Also, non record information must be classified and scheduled. And information that may be needed or requested in legal proceedings must be preserved and safeguarded through a legal hold process.

7) Information governance monitoring and auditing. To ensure that guidelines and policies are being followed and to measure employee compliance levels, information access and use must be monitored. To guard against claims of spoliation, use of e-mail, social media, cloud computing, and report generation should be logged in real time and maintained as an audit record. Technology tools such as document analytics can track how many documents or reports users access and print and how long they spend doing so.

8) Continuous improvement. IG programs are not one-time projects but rather ongoing programs that must be reviewed periodically and adjusted to account for gaps or shortcomings as well as changes in the business environment, technology usage, or business strategy.

9) Executive sponsorship. No IG effort will survive and be successful if it does not have an accountable, responsible executive sponsor. The sponsor must drive the effort, clear obstacles for the IG team or steering committee, communicate the goals and business objectives that the IG program addresses, and keep upper management informed on progress.

by reading above principles we can understand why those principles are important for successful IG program.