Nothing hurts a startup, small company or non-profit more than diverting precious resources, people, and time from their organization’s purpose. One part of the CIO’s role for small organizations is to help the team grow more efficient, and another is to secure the information that powers their work. How do we reconcile the need to stay nimble and efficient with the need to protect and manage our growing data and complex information through well-thought-out policies and their enforcement? The answer is to simplify the face of information governance to the rest of the organization.
The most important document for information governance is the information architecture of an organization. An information architecture makes visual and schematic the relationships between people, processes, and technologies. This is why it can become so complex — and for good reason, since even a small team can have knotty problems to solve. For example, understanding and clarifying the levels of permissions or confidentiality that apply to different data for different people in the organization takes some careful thought. Another example is how to map the technology and applications that support day-to-day operations to the core business processes: Between email, shared documents, calendars, forms, financial and accounting software, sales tracking, phone lines, and even the computers and other devices in use every day, which ones should trigger what actions, from whom, and how will those be held accountable for their impact on the company? Keeping things simple in the information architecture can quickly become a challenge of its own, when these details begin to emerge.
The way to keep information governance simple is not to draft complex policies once and then ignore them. It is not to sketch out an information architecture map on the back of a napkin once and then throw it in a folder somewhere in the back burner. It is certainly unhelpful to chronically change the core principles on which an organization stands. No, the key to simplifying information governance is to create living documentation, reflecting honest dialogue between executives and IT leaders, that is continually refined. The test is: can someone begin work with the organization on their first day, see the information architecture and the governance policies, and understand how they support the team’s purpose? If a true beginner can identify their place in the organization based on these living documents, then the information governance is sound.
(shamless plug?? e.g. To discuss your own information governance issues with our CIO and CTO level advisors, contact Anant…)