Tech topics

What is Information Governance?

Illustration of IT items with focus on a question mark


Information governance is the development of a decision and accountability framework that defines acceptable behavior in the creation, valuation, use, sharing, storage, archiving, and deletion of information. It encompasses the policies, standards, processes, metrics, and roles guiding the efficient and effective use of information for an organization to realize its objectives. The term information governance is suitably broad to act as a reasonably comprehensive term. However, this also means the definition of that term is open to debate. As such, similar terms can also be heard which refer to similar disciplines and technology. This includes Data Lifecycle Management, Data Governance, and Information Management.

Information governance recognizes information as a strategic asset that must be subjected to high-level coordination and oversight. This ensures accountability, integrity, preservation, and protection of information enterprise-wide, and as a disciplined aims to treat the task holistically by removing silos and fragmentation, improving ROI on the technology and resources needed to manage information.

OpenText's range of solutions that support this discipline has the label Information Management and Governance. This phrase broadens the definition to consider two strategically critical elements of effective information governance, namely the data and the employees.

Information Governance

Why is Information Governance important?

Information governance (or Information Management and Governance – see above) is an emerging discipline so there is still some debate around the role it plays in the enterprise. Nevertheless, a well-implemented information governance program should yield the following benefits for the business at the minimum.

  • Actionable, manageable data: organizations have a strategic opportunity and responsibility to analyze its data, and keep all of it safe throughout the full information lifecycle.
  • Support business objectives, priorities, and needs in line with organizational culture and available resources.
  • Improve productivity by facilitating intelligent collaboration through information sharing. Employees across the organization work with the same version of a document in real-time.
  • Ensure compliance with laws, regulations, industry standards, internal procedures, and legal discovery. Minimize the risk of noncompliance such as censure, penalties, prosecution, reputation loss, and financial loss.
  • Improve information analytics capabilities. Access the information you need faster and easier because it’s better classified, supported, and secured.
  • Improve ROI on business intelligence systems.
  • Establish structure, control, and consistency over outsourced processes and systems.
  • Increase staff awareness on key principles and policies of information management.
  • Minimize breaches by keeping information safe and secure.
  • Base organization decisions on information needs and not available technology.
  • Improve organizational agility. Give key decision makers an enterprise-wide perspective that recognizes impact on other stakeholders.

Information Governance vs Data Governance

The terms information governance and data governance are frequently used interchangeably. They do not however refer to the exact same thing. Understanding the differences between them is central to developing an effective approach to enterprise information management.

Information governance

Information governance is a broad range of activities that covers all aspects of information within the organization. It is business-, legal- and compliance-driven. Components of information governance include categorization, information use definition, access management, records management, document handling, information lifecycle, secure removal (disposition), eDiscovery, cybersecurity, and, yes, data governance. In this sense, data governance is a subset of information governance.

Information governance professionals are skilled in records management, privacy, collaboration, discovery, and disposition.

Data governance

Data governance focuses on the storage, transfer, and integrity of data assets. It’s IT-driven and involves data lineage, data security, data loss prevention, data service levels, and master data management. It’s a more established discipline than information governance.

Data governance experts have competence in data modeling, data architecture, data integration, data privacy, and master data management.

Effective data governance is a key component of enterprise information governance. However, good data governance does not of itself guarantee good information governance. An organization’s information management is at its best when there’s strong, fruitful collaboration between its information governance and data governance teams.

What is Information Governance software?

Information governance software provides the automated tools the organization needs to comply with vast information governance demands. Identifying, analyzing, adopting, and implementing the right software is crucial in the realization of information governance objectives.

Information technology governance software often includes process and workflow automation solutions that digitize the repetitive and mundane elements of information governance.

What is an Information Governance framework?

The purpose of an information technology governance framework is to establish the organization’s approach toward information management within a business, legal, and regulatory context. An effective framework covers the following areas.

Scope and charter

Establish the scope of the information governance program. Set out the procedures that govern the creating, sharing, storage, and disposal of information. Define the management of all information and associated systems that affect the enterprise’s legal and regulatory obligations.

Roles and responsibilities

Define the key roles and responsibilities in information governance. That includes the information governance committee, information governance team, information risk management team, information asset management team, records management team, business line managers, and employees.

Information policies and procedures

Information governance includes multiple distinct policies and procedures. The framework should explicitly enumerate the policies that affect information governance including information security policy, retention policy, disposal policy, archiving policy, privacy policy, ICT policy, remote working policy, and information sharing policy. Information procedures then determine and define how the organization and employees interact with information according to each policy stipulated.

Third parties

Some enterprise information will be created and stored by third parties. The framework establishes how the organization manages information with partners, suppliers, and stakeholders. Define how information governance affects contractual obligations and supplier relationships. Establish metrics that third parties are evaluated against to confirm conformity with information governance goals.

Business, continuity, disaster recovery and contingency

The framework should set out the process for reporting information losses, reporting information breaches, incident management, incident escalation, disaster recovery, and business continuity.

Audit and review

Continuous monitoring of information access, information use, regulatory compliance, information security, infrastructure performance, and storage performance. Conduct regular risk assessments, audits, and reviews.

Key components of Information Governance

Understanding the definitions and importance of information governance, data governance, and information governance framework is crucial. But what are some of the components of effective information governance?

Information mapping and evaluation

Locate, capture, manage, and store information wherever it resides within the enterprise. Identify the different types of structured and unstructured information in the organization. Where is the information stored? Who is in charge of it? Is it backed up? Is it relevant?

Records management

The management of information across its entire lifecycle, from capture to removal. It covers the identification, classification, storage, securing, retrieval, tracking, preservation, and destruction of records. As the name suggests, the focus here is on the granular element of the information, namely the record level. Other disciplines (see Knowledge Management, and Content Management, below) seek to further abstract the granularity of the information.

Knowledge management

The creating, sharing, use, and management of information held by the organization in order to satisfy corporate objectives.

Content management

The creating, sharing, use, and management of information held by the organization in order to satisfy corporate objectives. This term emphasizes the value of the information being stored in terms of what it presents, i.e. as content.

Given this discipline is often associated with compliance initiatives, the necessity for enterprise-scale rigor and security means the labels Secure Content Management (SCM) or Enterprise Content Management (ECM) are often used.

OpenText offers a uniquely capable, secure content management products which aims to maintain operational security and integrity by knowing what data is stored, who has access to it and what policies are most effective in managing.

Information security and access management

Ensure information is available, authentic, accurate, and secure. Know who has access to what information. Mitigate against and manage risks that arise from unauthorized or unnecessary access to information. Employees should not be privy to information that is not necessary for discharging their roles, nor should they access business information via insecure channels.

Information lifecycle management

Establish strategies and policies for the administration of storage systems, security infrastructure, disaster recovery, data replication, and storage architecture management.

Electronic discovery

The discovery process in litigation, information requests, government investigation, and other legal proceedings where information is stored in electronic form.

Monitoring and review

Information governance is an ongoing project. Develop mechanisms for regularly monitoring, reviewing, and improving governance policies and procedures. The business, technology, and regulatory environment is never static. Strategies that were effective five years ago may be ill equipped to deal with present realities.

Data analytics

Ultimately, the value of good information governance is measured by the quality of the strategic decision-making that the data supports. As such, the data is only as useful as the ability to derive appropriate insight from it, making the discipline of data analytics hugely important to any organizations strategic efforts.

Outside the scope of content management or compliance archiving, the task of understanding all forms of data to support strategic decisions is a far broader topic, which has to take into account the vastness and sheer variety of data sources and formats. Organizations need to realize the operational reality that only 20% of data being created will neatly fit in a table, commonly known as structured data. The other 80% is delivered in varied formats collectively known as unstructured data. As such, a greater level of technological complexity is required to provide a platform for collation, examination and insight from all data sources. As a result, the label Data Analytics sometimes appears as the term Unified Analytics.

Unified Analytics take into account information streams generated from several sources to decode the information within, and allows organizations to make strategic decisions based on a holistic set of actionable insights. Those data sources include:

Analysts refer to this discipline, and the support that supports it, as Text Analytics or Insight Engines.

How is information shared, stored and protected?

Information governance requires an effective strategy for capturing, storing and interrogating data, plus appropriate facilities for how employees work on inputting, sharing, collaborating and protecting the data and how they access it.

As such, an important sub-element of effective Information Governance are two other disciplines referred to as Collaboration and Unified Endpoint Management.


As the name suggests, the discipline of Collaboration brings people, projects, and processes together in one secure place to enhance team and employee productivity.

OpenText™ Archiving, eDiscovery, and Data Security products fosters a productive, mobile workforce through better communication, team collaboration, BYOD, and easy access on any device.

Unified Endpoint Management

Organizations manage hundreds or thousands of devices and applications, numerous assets, and an unending list of software patches. Additionally, the workforce is constantly changing with new requests every day and under pressure from the changes in working habits. Applying discipline to managing all points of access from employee to organizational resources, including all devices, and each other, has the label Unified Endpoint Management.

OpenText's long-standing solution for endpoint management provides everything required to track, manage, and protect organizational devices.

Analysts refer to this discipline, and the support that supports it, as Unified Endpoint Management Software.

Start your Information Governance journey

Information can be a powerful, indispensable, game-changing asset for any organization. But that’s only if it is administered the way it should. The scale, complexity, and diversity of information today’s enterprise deals with can be noisy, overwhelming, and debilitating. Old-school information management methods where a single source of truth was easy to create and the custodians of information were clearly identifiable, are no longer feasible. Now, information governance professionals have to evaluate the impact of internal collaboration platforms, application programming interfaces (APIs), third-party integrations, and social media channels.

Just about every large organization today claims to be data-driven. Enterprises that implement a sound information governance strategy bolster information availability, mitigate risks, contain costs, and comply with regulations.

OpenText supports the various disciplines of information governance with enterprise-class technology by providing a comprehensive range of products including: