The Four Corners of Executive Support for Information Security and Governance

So you’ve got a plan to manage your organization’s content. You’re going to save millions of dollars, reduce information security risk, improve the work/life balance of every employee, and in your spare time take a shot at world hunger. There’s only one problem: You don’t have the support you need to implement your plan.

Yes, you’ve gotten your Chief’s support in moving the IG program forward, but now you find you can’t even get into first gear with a project. It seems like no matter how eloquent your pitch or how obvious the benefits, the funding just isn’t there.

It’s a predicament that’s all too common in the information governance (IG) world.

The likely reason your plan isn’t getting funding is that you haven’t nailed down the four corners of executive support network you need for a successful IG initiative. These four corners are InfoSec, IT, Operations, and Legal, and you need them on board to build out your four corners. Your goal is to show these people how your IG program solves a problem for each of those folks-—and the higher they are in the organization, the better.

  • Information Security: InfoSec is your natural support partner, charged with protecting the organization’s sensitive information assets—whether personally identifiable information (PII), personal health information (PHI), or intellectual property (IP). Historically, the solution was to build big, expensive walls around everything, because identifying the “crown jewels” was difficult and expensive, if not impossible. But now the technology is available to identify these assets, and your IG program can use it to help identify the sensitive data within the organization and define with Information Security where the castle walls should be built, versus where a fence is sufficient.

  • Legal: Another natural partner, especially if yours is an organization with multiple litigations in flight and large e-discovery budgets. Let’s face it: IG is called out directly in the E-Discovery Reference Model (EDRM), and the Federal Rules of Civil Procedure (FRCP) now give cover to organizations with consistent IG programs. Show Legal how your IG program can help them, from early case assessment to full-blown e-discovery, by producing only what your organization must produce and by keeping only what it must keep, all in a defensible, repeatable manner.

  • IT: For your CIO, the costs of infrastructure and storage are likely skyrocketing, with little end in sight. Your IG program is a way to help flatten the growth curve of costs and help bring more stability to the overall environment. Also, your IG program is going to require tools; you’ll be needing IT to help you install, configure, manage, and support those tools. The relationship becomes a true partnership, beneficial to both.

  • Operations: In many cases, Ops is the largest and most “content-challenged” division in the business. In a study Doculabs conducted for one organization, we found that $2 million was lost annually per every 500 knowledge workers, the result of lost or inaccurate content and the associated rework. Helping redirect that lost time to higher-value work can make a real impact for the COO.

These four cornerstones—the Chief Information Security Officer, the General Counsel, the CIO, and the COO—will become your champions across the organization, giving you the visibility you need to lead a successful IG program. With all four of these players on board, you now have a cross-functional governance council that can direct your strategy and roadmap for years to come.

Here at Doculabs, we have years of experience building these relationships, articulating the vision, and creating the strategy and roadmaps that speak to the goals of each of these division leaders. For more information, check out our Program Governance and Strategy and Roadmap services.

Rich Medina
Matt McClelland
I’m a Principal Consultant at Doculabs, with expertise in file analytics, taxonomy, litigation research, and enterprise search.