Big Data and The Crucial Need for Information Governance

By Robert Smallwood posted 08-08-2014 16:36


Think Big Data is here?  Just wait – it’s only beginning.

According to IDC, the digital universe is doubling in size every two years, and will reach 44 trillion gigabytes by 2020. Estimates and projections vary, but it has been stated that 90 percent of the data existing worldwide today was created in the last two years and that every two days more information is generated than was from the dawn of civilization until 2003. That’s a lot of information.

This trend will continue: The global market for Big Data technology and services is projected to grow about seven times faster than the general information and communications technology (ICT) market. And all that Big Data piling up has real costs: The burden of massive stores of information has increased storage costs dramatically, caused overloaded systems to fail, and increased legal discovery costs. Further, the longer that data is kept, the more likely that it will need to be migrated to newer computing platforms, driving up conversion costs; and legally, there is the risk that somewhere in that mountain of data an organization stores is a piece of information that represents a significant legal liability.

What is Big Data exactly? It is a volume and velocity of data that is not able to be managed with today’s commercial database tools. Too big to manage. But there are golden needles in that mounting haystack.

In today’s information overload era of Big Data the ability to distill key insights from enormous amounts of data is a major business differentiator and source of sustainable competitive advantage. In fact, a report by the World Economic Forum stated that data is a new asset class and personal data is “the new oil.” And we are generating more than we can manage effectively with current methods and tools.

Organizations that are able to dispose of “data debris” return more profit to shareholders, reduce their legal exposure, and are able to make more strategic investments in IT.

We have to get rid of some of that irrelevant information sludge to find the gold—much of the information we’re managing has no business value and can be characterized as redundant, outdated, or trivial (ROT). Most all organizations are managing that ROT with the same high-value IT and management resources that they use to manage information that has real business value. This is clearly a waste and misapplication of resources.

According to a survey taken at a Compliance, Governance and Oversight Counsel (CGOC) summit, respondents estimated that approximately 25 percent of information stored in organizations has real business value while 5 percent must be kept as business records and about 1 percent is retained due to a litigation hold. So based on their estimates, roughly 69% of information stored and managed by organizations has no business, legal, or regulatory value.

Even if their estimates are way off certainly a conservative assumption of 30% to 40% ROT information holds true and should cause alarm for executives.

Time to clean house. Enter information governance (IG).

An IG program that manages the retention and disposition of information and focuses on legally defensible deletion can return tangible benefits to stakeholders—and stockholders. Fewer disk drives, fewer tapes, fewer data center operations employees, slower growth in power needs, and reduced e-discovery costs are some of the hard cost savings. At the same time better, cleaner, more accurate information can be provided to knowledge workers to use as a basis for their decisions. Also, legal risk is reduced, since electronically stored information (ESI) that is discarded in a systematic way according to policy cannot be requested in legal proceedings if the policy is standardized, reasonable, and uniformly followed.  And since the organization will organize and manage its information in a proactive way, they can more quickly and completely implement legal holds and find the information that is responsive to a particular legal proceeding.

With a smaller information footprint, organizations can more easily find what they need and derive business value from it. They must eliminate the data debris regularly and consistently, and to do this, processes and systems must be in place to cull out valuable information and discard the data debris. An IG program sets the framework to accomplish this.

Once CEOs get a whiff of what good IG practices can do for them they’ll be like a huffer on a fresh can of spray paint—you won’t be able to keep them away from it. Just imagine: “You mean there’s found money on the table? We can delete a lot of this crap and reduce our costs and legal risks and drop the savings straight to the bottom line?  And we can make better management decisions? Why haven’t we been doing this? Who’s in charge of that?”

Well, therein lies the problem—no one wants to own IG.

Sometimes IG programs are led by an organization’s general counsel, and they may be well-versed in privacy law, but they typically don’t have the technology chops to understand exactly how to apply complex new IG-enabling technologies, and they may not be up to speed on records management best practices. Sometimes IG programs are led by the CIO, who may be well-versed in security and aware of privacy issues, but often CIOs and records managers don’t speak the same language: a “record” means something totally different in the CIO world versus records managers; also, legal research isn’t their job and the general counsel will always have to make those decisions anyway.

So who’s baby is IG?

There is a need for a newly-minted job title to pull all these disciplines together into a cohesive IG program: Chief Information Governance Officer (CIGO).

The CIGO will have to be a top-flight executive who is tech-savvy, legal-savvy, records-savvy, privacy-savvy, security-savvy, and business-savvy. That’s a tough bill to fill.

Because of its requirements, I believe the CIGO should have authority over the CIO, chief security officer (CSO), and chief privacy officer (CPO), and even CFO. The CIGO is very nearly a chief operations officer (COO), and that should probably be who the CIGO reports to, if not the CEO. It is a crucial job that mostly isn’t being filled. But there is a great need for it, and it can demonstrate tangible results.

Whether CEOs and executives truly recognize that they cannot continue to “kick the can down the road” and that they must embrace IG programs as a way of maximizing information value while reducing associated risks and costs will play out in the next few years.

We will see the CIGO job title begin to proliferate as the tasks of IG are simply too diverse and cross-functional to fit the responsibilities into a traditional job title. It’s the only way to address the IG imperative in this era of Big Data.

#BigData #CIO #IG #information governance #Smallwood #e-discovery #CIGO #InformationGovernance