Stop comparing Information Governance to Records Management – Take 2!
A debate is a blogger’s ultimate reward
Judging by the sheer number of retweets, favorites and comments that I had as a response, I seem to have hit a raw nerve with my last posting on the relationship between Information Governance (IG) and Records Management (RM). Feedback is a great source of knowledge for me. Debate is always good for our industry.
Laurence Hart (@piewords to his friends) was kind enough to specifically comment on my article in his blog. I have a lot respect for Laurence’s opinion and always enjoy reading his views, even if we don’t always agree. As it turns out, in this instance, we agree more than we disagree.
There are a few things on my original article that I’d like to clarify though, just to avoid ambiguity, and in the process address some of the points that Laurence makes:
“IG is a discipline, not a tool”, I wrote…
A few people took exception to that. Nobody disputed the fact, but they assumed that I somehow implied that RM is not a discipline, only a tool: something I never said! I take it for granted that everyone, at least everyone reading these discussions, knows that RM is a discipline too. The point I wanted (and obviously failed) to make was very different: The term Information Governance has been hijacked by a large number of vendors (ECM, eDiscovery, Storage, Security, Big Data, etc.) to peddle their wares. I have seen an inordinate amount of marketing atrocities being perpetrated in the name of Information Governance. My point is that the tools will not sort out the IG problem, it requires a different way of thinking. With hindsight, I can see why people misread what I wrote though.
Divorce Information Governance from the discussion of how it is going to be done
This seems to be Laurence’s main contention with my views. Interestingly, I don’t think I said that anywhere in my article either, but it must have been implied somehow. Laurence is right: the WHY and the HOW of IG cannot be divorced, of course, otherwise IG will always remain an academic exercise. The point I was making is that IG needs to have a coherent, consistent and complete overview of the principles behind all information management within the organisation. It is the decision making hub. Underneath that hub there are a number of spoke mechanisms that manage different aspects: RM is just one of them; eDiscovery, Classification, Legal Holds, Privacy & Security, Archiving, Application decommissioning, Storage tiering, Location management, etc., are various others. These should all be driven from a single, unified, coherent and authoritative decision making framework, which is what I see as the role of IG.
Of governments and armies…
Laurence, inadvertently perhaps, came up with a much better analogy of the distance between IG and RM. I created a metaphor liking them to Government and school governors, but Laurence compared them to Government and the Military. A much better analogy! The Military has a very specific and defined jurisdiction for enforcing Government policy and law. It has ultimate planning and execution responsibility for military personnel, but it cannot enforce law on civilians (at least not in most democracies, anyhow…). The Government has responsibility for every law in the country, regardless if it applies to civilians or military. Just as IG has responsibility for all decision making for Information Management, RM has responsibility for enforcing some of the functions on some of the overall Information estate.
“That which we call a rose, by any other name would smell as sweet”
I am not interested in the semantics of where IG definitions overlap with IM or RM, or the delineation between the policies (WHY), the practices (HOW) or the tools (WHAT WITH). My point is that IG and RM are two different, if overlapping, disciplines and that the functions that I defined in my 8 points in the earlier article, must be addressed by a coherent information governance framework which, historically, has not been an area where traditional RM excels. If you prefer to call that evolving business function a “Holistic RM”, “RM Continuum” or “Super RM” or whatever else, I’m not worried about the nomenclature as long as we agree that it needs doing, and that it needs doing properly.
How the other half live…
There was something very paradoxical about the comments on my original article, by the RM community: Inevitably, the experienced, established and professional Records Managers, will object to my simplified definition of RM. They know how much bigger the problem is and most of them have extended their reach and responsibilities to address some of the IG issues within their organisations. Kudos and respect to them. But they see the RM world through rose tinted glasses, because it is the world they have created and influenced.
I, however, am not a Records Manager. I have seen and talked to a lot of organizations where their RM program either does not exist, or is extremely narrow, or very badly implemented, or lives on a folder on a shelf, or a PDF file on the intranet, or manages a spreadsheet fileplan, mapped to a folder structure on a shared drive. Most of these organizations, have an even bigger IG problem: No information disposition program, no unified classification, no automation of anything, no association between security policy and security reality, no mechanisms to address Data Protection, an un-managed email archive that grows exponentially, scores of network drives with debris and “just in case” copies of data, and many many many other issues. These organizations do not have the luxury of a well-established Holistic RM program, or the time to implement one. They have a very real IG itch that needs scratching… And a lot of vendors are quick to exploit that.
In my view, RM will always be a subset of IG. If you understand the bigger scope of IG, and you are already addressing it under an RM moniker, or any other name, then pat yourself on the back. But on the other hand, if you are a CIO looking at IG issues, do not assume that it is RM’s problem to sort out. And if you are a records manager, don’t assume for a minute that your RM world will not go through a radical transformation, if you try to take on the IG requirements, on top of RM.