Maintaining your information governance (IG) program beyond an initial project effort is key to realizing the continued and long-term benefits of IG. This means that the IG program must become an everyday part of an organization's operations. This requires vigilant and consistent monitoring and auditing to ensure that IG policies and processes are effective and consistently followed and enforced. Using audits and the proper controls should become a regular part of the enterprise's operations.

Monitoring and Accountability

This requires a continuous tightening down and expansion of protections and the implementation of newer strategic technologies. Information technology (IT) developments and innovations that can foster the effort must be steadily monitored and evaluated, and those technology subsets that can assist in providing security need to be incorporated into the mix.

The IG policies themselves must be reviewed and updated periodically to accommodate changes in the business environment, laws, regulations, and technology. Program gaps and failures must be addressed, and the effort should continue to improve and adapt to new types of security threats.

That means accountability—some individual must remain responsible for an IG policy's administration and results¹—perhaps the executive sponsor for the initial project becomes the chief information governance officer (CIGO) or IG “Czar” of sorts; ...