We don't need no stinking governance

By Bob Larrivee posted 03-11-2011 09:49


I am still amazed that so many folks feel there is no need for an “official” governance practice when we have so much technology to handle all of our needs. I know this sounds like I am an old fogey and perhaps I am, but the plain fact is that without governance, business organizations are at risk and dependence on technology alone is not the total answer. It reminds me of when my daughters were young and asked me why I work. When I answered I work to make money, they asked why don’t you just go to the bank machine and get your money there? They thought that the bank machine, technology, took care of providing the money without understanding that without working, there would be no money.

 Many of my good friends in the legal profession tell me that they consider the technology being used for information and records management is a tool to help establish and maintain a level of compliance and is not a total solution. They also say that if the technology in place is installed and maintained to manufacturer specifications, it is difficult to attack in litigation. As a result, what they focus on first, before technology, is the business operational and record keeping practices. They will look for inconsistency and if they find it, they can raise enough doubt in the integrity and accuracy of all information and records within the business repositories. What they will look at is the overall governance and adherence to capture, manage, store, preserve and deliver information and corporate records. Are records defined, declared and managed consistently? Is there a documented capture and declaration process that is used consistently across the organization?     

In my view, this is an area of business that is misunderstood, placing many organizations at risk. As an organization, you are required to operate within a set of regulatory or industry guidelines and if you fail to do so, the consequences can be quite severe. Industries like finance, insurance and healthcare for example, have very well defined regulations dictating what is required of businesses in relation to information and operations. The question is how well do you meet these requirements and are you in a state of compliance or risk? The only way to address this is by establishing and implementing a sound governance policy.

I have heard some folks say they are willing to take a chance and deal with the consequence if the need arises. As an investor, this is not what I would want to hear. If you are not sure where to begin, seek training from a professional association like AIIM or get professional assistance from a qualified consultant. The bottom line is you need to prepare and protect your business as best you can and the best way is to focus, develop a plan, train your employees on what is required, and monitor to ensure adherence to your policies.

What say you? Do you have a story to tell? What are your thoughts on this topic? What is on your mind? Do you have a topic of interest you would like discussed in this forum? Let me know.


Bob Larrivee, Director and Industry Advisor – AIIM

Email me:   

Follow me on Twitter – @BobLarrivee


#documentmanagement #benefits #Records-Management #BPM #emailaddress #imaging #governance #litigation #ERM #emailarchiving #emailmanagement #AIIM #businesscase #SharePoint #ECM #E-mail #ContentManagement #paperlessoffice #enterprise2.0 #e-discovery