[00:00:01] Speaker A: Hello. Thank you for joining us. Welcome to what Counts, the podcast where we dive deep into the world of information governance. Here we highlight proven solutions developed through our experience working with companies across various industries, and we talk about how these solutions could apply to your company.
Whether you're interested in information governance, have a need, or just curious to learn more about information management challenges like email management, retention management, or asset data management, this podcast is for you. This is Lee, and in this episode, Moore and I will use the Fact or fiction format to bust common myths around information governance, otherwise known as ig.
What it is, what it isn't, why it's not just a dusty binder on a shelf.
Good with that, Maura.
[00:00:52] Speaker B: I'm ready.
[00:00:53] Speaker A: All right, let's get started. Fact or fiction? IG is just records management.
[00:01:00] Speaker B: I'm gonna say that it's fiction.
[00:01:03] Speaker A: There you go.
Yes. And why is that?
[00:01:08] Speaker B: Records management is kind of an old term. It's an old term, it's an original term and it carries with it the connotation of final documents being managed in a sort of semi active state. That's how I would see it. But when you talk about information governance, we're really talking about privacy, data security, retention and disposition, legal holds and lifting those and then getting even deeper into metadata access controls, data sharing, master data management. A lot of things that came along really came into their own more as we got deeper into electronic data, electronic records, and not just paper documents or even just electronic documents. So information governance has definitely grown over the years.
[00:02:02] Speaker A: I think you're absolutely right. I mean, the dusty binder comment was not, you know, for nothing because records management typically lends itself to papers in a box and warehouse type of thing.
[00:02:15] Speaker B: Yes. I remember one client who told me that he had a special place for all of my. All of the records management information that we gave him. It was in the bottom drawer of his desk behind the visitor chair. And he couldn't get at it, so he didn't seem to think it applied to him.
[00:02:35] Speaker A: All right, how about this?
Information governance is it's job.
[00:02:43] Speaker B: Yeah, that's interesting.
I think you are right, it is fiction.
And I think nobody in an IT department would ever say that.
But I think you're right that parts of other parts of the business do think it. They really do just say, well, it will take care of that. And then it does not take care of that because it's not their job at all.
So that could be a real miss. If you don't have the conversations, if you don't actually get People together to talk about the fact that information governance is really cross functional. You have your data creators and users that are coming from all parts of the business.
You have legal and compliance and privacy that are bringing in the kind of the risk approach, the risk and protection pieces like this data is sensitive and we need to take care of it compliance.
You have to be able to demonstrate that you're compliant with appropriate regulations, applicable regulations. And so they have a role in it. And then it may be the holders of things, but really they are, they're responsible for the platform, they might be responsible for the system. You know, I think you could, if you wanted to take that analogy from our dusty box or dusty binder, like the, the IT department is sort of the modern day facility manager. They're making sure that you have a safe and secure place that holds your data and a safe and secure way to access your data.
But they don't have anything to say about what data you've got there or how you're going to use it.
[00:04:32] Speaker A: Yeah, and I think the, the example that we've used a couple times before is when the CEO really took information governance to heart and said that he was cleaning his own inbox. This is how you should do it. He was putting out videos to show people how serious they were. And that just goes to show that it has to come from the top down and everybody should be involved.
[00:04:56] Speaker B: That was one of the best examples we've had in terms of client culture around information governance. It wasn't a small company because of course in a small company like ours, the CEO does have to pay attention to information governance. But that company was a growing company. They were growing very fast and they were splitting off from another organization.
The CEO was hands on and said, this is everybody's responsibility. We all need to create the data, we need this, we need to organize it. He did have a lot of issues with the way SharePoint was set up because he said he could never find anything and he made the video and he set the example of cleaning out his own email box before we did the transition so that everybody else couldn't get away with an excuse of, oh, that's not my job, it will take care of it.
[00:05:46] Speaker A: Yeah, good.
All right, so we've talked about starting up a company and having a company and we did some other episodes on this. So this kind of, this question comes from that, Eric, and that's we'll deal with governance when we scale, when we get bigger. Right? We're too small to deal with governance right now. So Is that a factor of fiction?
[00:06:11] Speaker B: I'm gonna say that could be both.
[00:06:13] Speaker A: Okay, come on.
[00:06:16] Speaker B: You're going fiction on that. Well, tell me why you think so.
[00:06:20] Speaker A: I again, it's everybody's job. It needs to start from the beginning.
I think our last episode, I talked about how I set up the process to capture some of our courses. Right. And that's just a folder structure that changed over time. And if we didn't go through the motions of making it, changing it, correcting and keeping it up to date, you get lost. And so go ahead.
[00:06:49] Speaker B: Absolutely. So I think that the reason I went with could go either way, is it's better to do it first for sure. It's better to do your IG when you start because it gets harder very fast.
Last episode when we were talking about the information life cycle and how to keep up with it, that was a. That was a very quick example of what went wrong.
The reason I said maybe it could be a fact is because you do have a little bit of time because you're not going to run into probably in your first year.
I'm going to go out on a limb and say year you're not going to run into.
You need to destroy something.
None of your records will have hit a destruction date. Hopefully you won't get sued in your first year and have to worry about a legal hold.
If you do, you got other issues.
And then you're also. Even though this, this old adage of when you start a company, prepare for the exit, something I never understood until very recently, you still have a year to. You got to figure stuff out, the things you think going in. And if anybody wants to refer back to our arc on how to start a small business, the difference between what we knew when we started and what we knew after a year when was huge. And now, you know, we're 13 years in and we're learning a whole lot of new things this year as we spin off a new company.
So I'm going to say that it's. It is absolutely true that the sooner you set up your information governance, the better off you are because it's not going to get easier. But I do want to give people a little bit of leeway on, make it part of your kind of year one goals, that by the end of year one you will have at least a preliminary plan for dealing with your information.
[00:08:52] Speaker A: And do you tagle it all at once? In other words, can information governance be modular and scalable?
[00:08:59] Speaker B: I don't think there's any choice. But all at Once, honestly. So I'm going to say that's a fact. It's modular and scalable. Because if it's not, you're just lying to yourself or you will never do it.
So either it's got to be modular and scalable because your business is going to change, your technology is going to change, you have more people involved as you grow. And so you have to keep moving your information governance program forward. You have to keep assessing it and improving it over time. If you wanted to try and plan the perfect IG program from day one, I believe you would never start anything.
[00:09:43] Speaker A: Okay.
And is there any, is there ever an opportunity where you don't need information governance? You know, for instance, we don't need ig, we have cyber security.
[00:09:56] Speaker B: So when I, when I, when you gave me that one as a, as a heads up, I laughed to myself because it's just like, we don't need ig, we just keep everything forever. Storage is cheap. We'll just keep everything forever. We have cyber because we're not on the Internet and we, everything is, you know, protected, something like that.
I just think like those are so completely different, those are solutions to completely different problems. Right? The storage cost problem is about managing spend. The cybersecurity problem is about protecting your, your important information from outside tampering. It has absolutely nothing to do with all of the other goals of information governance. The other goals of information governance, I think are the more important ones, which are to be able to create and access and use the information that you need to run your business, whatever business it is. There's information involved. And I know you, you get tired of my bakery example, but it's a real example.
There's, there's recipes, those are important.
There's supplier, you know, contracts and invoicing and all of that. There's tax records. So whatever business you're in, there's going to be some level of information and you need to manage it.
Many years ago when I was a bookstore manager, we had a process every week and this was long enough ago. Everything was not electronic. We did not transmit any sales to the headquarters. I had to print out various copies of the credit card Z report and the cash register balancing sheet at the end of the day.
And I had to keep one copy of all the receipts, just the, this, these rolled up coils of receipts that we kept in boxes in the back room.
And they were the back, they were the backup, right? So I sent, the main ones got sent to headquarters once a week, but the backup ones lived in that back room until that store got torn down.
So the process changes for sure. But that information governance aspect of being able to show what your business is doing, cybersecurity alone does not get you anywhere near that.
[00:12:27] Speaker A: Okay, so I'm going to change the next one because I'd honestly like to hear your opinion on where information governance should reside in an organization more than making it a fact or a fiction piece.
[00:12:43] Speaker B: This is such an interesting question. There's never a good answer, but I mean, there are a lot of good answers. So I think it might depend on the industry. Let's start with the industry, because I think that in a.
I used to always say it should be in compliance, but that is because the industries I was working with then for many years were very compliance focused.
So insurance, healthcare, finance, it's a lot of compliance activity.
All of the records created and used by the company, nearly all of them supported compliance activities.
So in those industries, I think that compliance is a great place for it to be because it's the closest to the creators and consumers of the information.
But now we've worked for a lot of. We've worked for many other industries.
And so, for example, in infrastructure organizations, I think the bulk of the record creator, the data creator, and consumers. Creators and consumers are in the operations side of things.
And I like to have them be responsible.
The problem is you get bigger and bigger companies and you have blocks of creators and consumers, and people don't want to manage things outside of their own world because they have enough to do.
So then, okay, let's take it a step back to the executive leadership team. And how do we divide that up in this case? In those cases, I think legal is a good place for information governance to sit down. Because Legal crosses over kind of the back office and the compliance pieces, they often own those. And then the operational side of things, they have a role there that's both facilitative, helping move the business forward, and protective, protecting the business from risk in the operational space.
So then it comes down to, okay, if you have Legal as the leader and sort of the owner of your IG program, what kind of relationships does Legal need with those other departments to make this work? Because for most organizations that are bigger than a handful of people, this is going to be a partnership.
Someone needs to own it in order to keep things on track.
But everybody needs to have a stake in it to make sure that their concerns are represented and their ideas are taken into account.
[00:15:39] Speaker A: Good answer.
[00:15:41] Speaker B: Thanks. I've thought a lot about it.
[00:15:44] Speaker A: Okay, we're at 15 minutes. Should I do the last two or should we hold on to those?
[00:15:52] Speaker B: Yeah, let's hold on to them. Okay.
Let's hold them for the. For another.
Another episode.
[00:15:59] Speaker A: All right. Do you have any closing thoughts?
[00:16:02] Speaker B: I. So it's. It's funny that we started. You came up with this idea of fact or fiction, and I was not sure where we were going to go with it. But in fact, these myths of information governance are something we spend a lot of time sort of debunking in the world.
[00:16:21] Speaker A: Right.
[00:16:21] Speaker B: When. When we talk to potential clients, potential.
[00:16:25] Speaker A: Partners, and you say, what do you do? We do information in our family.
[00:16:28] Speaker B: Exactly.
[00:16:31] Speaker A: What is that?
[00:16:32] Speaker B: Yeah, that people really have a lot of. A lot of strong opinions about what information governance is. And in fact, they're almost all wrong.
So I hadn't really thought about the. I. I've said before how, you know, we. I picked Records Management and now IGN because I like to do things the hard way. I like a challenge. But I didn't realize until. Until I saw this. This collection of things you came up with.
Yeah. How much of my time I spend telling, like fighting for recognition that this is important and that these myths are wrong.
[00:17:15] Speaker A: Yeah. It's a bummer.
[00:17:17] Speaker B: Yeah. It can be.
Certainly breaks. Should be creative to come up with new ways to talk about it.
[00:17:25] Speaker A: Yeah. So I like this saying here. It says, governance isn't a checkbox, it's a compass.
I like that, too. We always often say it's a journey. Right. Well, here. Yeah, we do use your compass.
[00:17:36] Speaker B: We do say that. Okay, so a compass. I like that. Yeah, it's definitely not a checkbox.
If you take nothing else away from this episode, you it's ig is not a checkbox.
[00:17:49] Speaker A: Yeah.
If you have any questions, please send us an
[email protected] or look us up on the web at www.trailblazer.us.com.
or you can look at the Trailblazer Learning Academy, which is trailblazer learningacademy.com thank you for listening and please tune into our next episode. If you like this episode, please be a champion and share it with people in your social media network or like and subscribe to our podcast. That would be appreciated as well. As always, we appreciate you, the listeners. Special thanks goes to Jason Blake, who created our music.
[00:18:29] Speaker B: Thanks, everyone. Come back for the next episode and find out more about the fact or fiction related to information governance.
[00:18:37] Speaker A: Excellent.
