Help From The Center: Can The CIO Tame The Information Beast?

Richard J. Wolf & Randolph Kahn, Founder & President, Lexakos Consulting & Kahn Consulting
1187
1945
400
Richard J. Wolf & Randolph Kahn, Founder & President, Lexakos Consulting & Kahn Consulting

Richard J. Wolf & Randolph Kahn, Founder & President, Lexakos Consulting & Kahn Consulting

Technology continues to change how we access and create information. Look it up in the dictionary? There’s an app for that. Need a great restaurant in Tribeca? Yelp it! While Generation Z embraces new media and the burgeoning Information Age with seeming ease, the business world continues to wriggle beneath the weight of its own information while striving to compete, trim budgets and avoid disastrous liabilities and embarrassments. Some argue that effective information governance is critical to an organization’s success. Who really can solve the problem? While Information Governance is a team sport involving senior management support and legal and compliance stewardship, in the end data is stored in the IT infrastructure and requires CIO leadership.

Organizations create information at alarming rates. IT has expanded storage capacity and infrastructure almost blindly to accommodate growth. Volume increases risk and cost, but it also prevents companies from finding valuable data and causes operational inefficiency. How do we stem the tide or bring order to the information chaos?

Records and information management is dead or dying and so essential

Records and Information Management is not working. Information growth and management complexity has foreclosed businesses from applying old retention rules. And so, it grows and grows, often unfettered. Too much data has outlived its usefulness and no one seems to know how or is willing to get rid of it. While every organizations need to “Right-size their Information Footprint” by cleaning out the digital data debris, they are stymied by the complexity and enormity of the challenge.

Growth of information

According to IDC, from now until 2020, the current digital universe is expected to expand more than fourteen times. With about 1,800 exabytes of new data created in 2011, 2,840 exabytes in 2012 and a forecasted 6,120 exabytes in 2014, the volumes are staggering. One exabyte is the data equivalent of 50,000 years of DVD movies running continuously. While the data footprint grows significantly each year that says nothing of what has already been created and stored.

Notwithstanding the adage that “storage is an inexpensive commodity,” unbridled data hording impacts business efficiency, is expensive and risky. Many companies spend millions each year storing data and continuing down this path is neither a sound business decision nor good risk management. Consider that the Information Footprint of most organizations is growing between twenty and fifty percent per year and storage cost is only declining by a few percent per year. In real terms, therefore, organizations are spending more each year to house information. Though information management is considered a top risk for organizations, one would think by now Information Governance would be treated as a top priority. However, the task of effectively addressing lifecycle and knowledge management is so monumental that few individuals inside an organization are willing to step up and invest personal political capital to seek a solution.

Volumes impact effectiveness

The law of diminishing returns applies to information growth. Assuming information is an asset, at some point when there is so much data, its value starts to decline. That’s not because the intrinsic value declines (though much idle chatter is generated in communications technologies). The decline is related to the simple inability to find what you need when you need it. According the Council of Information Auto-Classification “Information Explosion” Survey, information has amassed to the point where nearly half of companies need to recreate business records to run their business and protect legal interests because they cannot find the original. Individuals waste up to twenty percent of their time each day looking for their own information. These figures of inefficiency will increase if nothing changes.

Impetus for change

With increased regulatory enforcement pressure and public scrutiny on the ability to access or acquire an organization’s data, something has to give. Banking giant JP Morgan spent more money on legal costs than employees in the third quarter of 2013, and many of those dollars involved information search, review and production costs, which all impact IT resources. Since 2010, according to its published earnings report, the bank has committed $31 billion or nearly half its net revenue to legal costs alone.

Privacy risk, information security exposure, data loss prevention, litigation response costs, etc. are all forcing organization to figure out how it will address the growing information pile. While pressure from regulators and private litigants is prompting organizations to examine their sprawling information technology infrastructures, litigation cost, alone, may not be enough. Proposed changes to the Federal Rules of Civil Procedure (Rule 37(e)), which would allow for sanctions only if information is destroyed in bad faith, might provide a modicum of comfort to purge unnecessary and outdated information. Similarly, the maturation of technology used to capture, manage, store, preserve, and deliver electronically stored documents could also encourage more proactive information disposition. But no change is likely to occur without focus and leadership at the top of the IT organization.

CIO as change agent

When you combine spiraling data volumes with performance inefficiencies, litigation costs, privacy concerns, security, and trade secret protection, Information Governance is undeniably an issue that increasingly crosses into the technology department. But why, then, do so many executives view records and information management as low-priority “cost center” activity? In a 2013 Lexakos survey, only 55 percent of the chief legal officers polled said their executive team view records and information management as important.

The support of executives, including the CIO, is essential for taking on Information Governance, including getting rid of old unneeded data as part of regular business practices. To accomplish these goals, the objectives of IT and legal departments need to be better aligned. Without coordinated efforts from IT, business and legal leaders, Information Governance initiatives will lack the cross-functional support needed to make them a success. To get an organization to take on information sprawl, the CIO can take the following seven actions in 2014 that will make a difference.

1. Own the fact that information content management is at least partly an IT job and the IT department needs to help address information sprawl
2. Understand that every time a new technology is applied to a business process, information will be created and the IT department needs to help manage the issue
3. Recognize that storage and records retention are different activities and solving a retention by buying more storage isn’t solving the problem
4. Commit to cleaning up legacy data, systems, and applications to be “faster, better, cheaper” and legally compliant
5. Simplify records retention rules and apply them to structured and unstructured content to make sure they are disposed in the normal course of business
6. Develop policy and practices to allow IT professionals to implement “end of life” data practices that satisfy business and legal needs
7. Plan for new systems now, so if and when, your organization does business in the cloud, or with social technologies, you have a way to manage the new business information.

Read Also

Easing Compliance: Expanding an Ethical Culture Through Technology

Easing Compliance: Expanding an Ethical Culture Through Technology

Raphael Richmond, Global Director-Compliance, Ford Motor Company [NYSE: F]
Cybersecurity Risks and Why Internal Partnerships and Cross-Functional Resources Matter

Cybersecurity Risks and Why Internal Partnerships and Cross-Functional Resources Matter

Adrian Mebane, VP & Deputy General Counsel, The Hershey Company [NYSE: HSY]
Chief Compliance Officers And Cyber Security: A Match Made in the Boardroom

Chief Compliance Officers And Cyber Security: A Match Made in the Boardroom

Robert Garretson, GM, Governance Strategy, United States Steel Corporation
Avoid Non-Compliance by Getting Your SSH Keys under Control

Avoid Non-Compliance by Getting Your SSH Keys under Control

Fouad Khalil, Director of Compliance, SSH Communications Security