Gartner defines information governance as:
"the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information. It includes the processes, roles and policies, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals."
In a nutshell, information can be one of our greatest assets - the fuel that drives our business and its processes. But, it can also be a liability. Information Governance takes into account that in today’s business environment, mere management is not enough. Regulatory compliance and legal requirements – combined with the enormous growth of information has created the need to go beyond management and implement information governance.
There are a host of governance categories that need to be addressed as you build your information management strategy. Below, we'll cover the key considerations for some of the top areas in need of governance:
Content governance addresses how content is created, controlled, managed, and identified through the use of metadata, permissions, and templates.
Content governance is probably the most important of all the governance categories. It is concerned primarily with efficiently managing work-in-progress content and records in a consistent manner in order to comply with internal policies and regulations – including litigation-related needs. Content governance controls are designed to ensure consistency across the organization.
Still, another perspective is to recognize that content has a lifecycle within the organization. The same document, or piece of content, can change from draft, to active, to archived, to expired. The actions that can be performed on that content will change from one stage of the lifecycle to the next. Combinations of the above approaches are used to ensure consistency of creation, management, and retention of both work-in-progress content as well as records.
Classification governance addresses content structure and content organization within the enterprise. Classification governance also includes content type definitions and taxonomy and term management.
Classification governance is primarily concerned with how content is organized. The objectives of classification governance are threefold: first, to create classification structures; second, to organize content according to those structures using metadata; and third, to ensure that those classification structures remain consistent over time.
Functional governance addresses what users and administrators can use or configure. Functional governance is controlling the capabilities that are made available to users by authorized individuals. This control is exerted over administrators as well as end-users. Functional governance includes things like whether or not administrators can create new sites or create content types and metadata within a site. It also includes whether or not users can take a web part and publish it for others to use or have access to web parts that others have created.
Security governance is primarily concerned with the organization and the assignment of specific permissions to users and groups.
Security governance is closely tied to the other areas of governance since it is the manner in which security is applied that ultimately determines which users have access to sites, pages, web parts, administrative functions, and content
As with the other governance categories, the desired effect is to balance the benefit of a granular security model approach with the cost of maintaining that model.
Retention governance addresses the retention duration of documents and records. This is achieved through consistently applying metadata, information management policies, and records centers. Retention governance is what controls the conditions and duration that content is retained.