Maintaining an Information Governance Program and Culture of Compliance*
Maintaining your information governance (IG) program beyond an initial project effort is key to realizing continued and long-term benefits of IG. This means that the IG program must become an everyday part of an organization's operations and communications. It requires vigilant and consistent monitoring and auditing to ensure that IG policies and processes are effective and consistently followed and enforced. If proper controls are in place, IG-infused processes should become a regular part of the enterprise's operations. It also requires an ongoing training and communications program to keep employees apprised of approved processes and behaviors that support IG.
Monitoring and Accountability
Monitoring and accountability require a continuous tightening and expansion of protections and the implementation of newer, strategic technologies. Information technology (IT) developments and innovations that can foster the effort must be steadily monitored and evaluated, and those technology subsets that can assist in providing security need to be incorporated into the mix.
The IG policies themselves must be reviewed and updated periodically to accommodate changes in the business environment, laws, regulations, and technology. Program gaps and failures must be addressed, and the effort should continue to improve and adapt to new types of security threats.
That means accountability: Some individual must ...