August 19, 2018

August 17, 2018

Subscribe to Latest Legal News and Analysis

August 16, 2018

Subscribe to Latest Legal News and Analysis

Drafting an Information Governance Program Charter

In our first blog post in this series, we discussed managing share drives and getting rid of redundant, outdated and/or trivial information, otherwise known as “ROT.” Today, we will focus on the essential elements of an Information Governance Charter.

Information Governance (IG) can be an abstract concept for an organization to get its arms around. To contextualize IG, a 2015 Information Governance Initiative (IGI) Benchmarking report included one-on-one interviews with people actively working on projects that they themselves identified as part of an information governance program. Consider this individual’s experience at a pharmaceutical company with more than 10,000 employees:

When Mary joined the company just a few years ago, there was no IG program. She came in with the idea of consolidating RIM [records and information management], privacy, compliance, security, human resources, and finance into an IG group. What she found was a common problem practitioners face when beginning an IG program— some of the facets of IG were immature or missing.

According to Mary, privacy and RIM were immature, lacking important foundational program elements, and some regional operations were missing key facets of IG altogether. She did not think she could move forward with a more comprehensive program without getting a solid foundation in place first, so she spent the first two years developing those basic functions and building her team.

Today, Mary’s company is in the process of building an IG council (or steering committee), writing its charter, developing a decision-making structure, and setting IG priorities. Mary could not have made this progress without building a solid foundation first.

An IG Charter that explains the purpose, goals, stakeholders, and responsibilities associated with an organization’s IG program is one way to add more structure to IG efforts. An IG Charter could be a foundational document or could be developed well after IG efforts are underway after some measure of C-suite “buy in.” In either case, the person(s) tasked with drafting the IG charter will need to have a certain level of vision and understanding of the company’s desired approach to achieving its IG objectives.

Elements of an IG Charter could include the following:

  • Purpose – The purpose of an IG Charter is to provide for the planning and operation of an organization’s IG program. The IG Charter defines the mission, goals, operating principles, organizational structure, and governance model that the organization will use to guide its IG activities.

  • Scope – In the scope section, an organization should generally describe the individuals and groups that will use the IG Charter, as well as the IG program components that will be addressed. These should be high-level descriptions.

  • Terms and Definitions – The terms that the organization selects for the individuals and groups that make up the IG program should be defined, as well as any terms that will be used in the IG Charter that the organization wishes to explain.

  • Mission – The mission of the organization’s IG program should be defined and explained. It should be as simple a statement as possible to guide the organization’s IG efforts. The statement should reflect the organization’s goals regarding its information.

  • Goals – The goals of the organization’s IG program should be defined. The goals described in the IG Charter should be high-level organizational goals as opposed to specific outcomes (e.g., “The IG program will provide consistent and clear expectations to personnel regarding information use and management.”).

  • Principles – An organization should define the principles it will use to guide the planning and execution of its IG program. The defined principles will drive the actions the organization takes to accomplish its defined goals. Principles should be framed in a forward-looking way that recognizes the opportunity for continued growth and maturity as an IG program pursues its goals.

  • IG Program Management Roles, Responsibilities, and Reporting Relationships – An organization should define the individuals and groups that will have specific management roles and responsibilities. Oftentimes, organizations will designate a central, executive committee to be the most senior-level IG authority, and within that group, there will be a head of IG, sometimes referred to as a Chief Information Governance Officer. The responsibilities, duties and membership of the senior-level executive committee should be defined in the charter. Other supporting individuals and groups can be established as desired to focus on specific aspects of an IG program. Each additional committee should have its responsibilities, duties, and membership defined in the Charter. An IG Charter can also define the responsibilities and duties of existing departments and individuals within the organization that will support the IG program.

  • Model for IG Program Implementation – An organization should outline the general steps for the ongoing development, implementation, and maintenance of the IG program in its IG Charter. The senior-level, executive IG committee should determine the steps that are most appropriate for the organization to mature its IG program.

  • Mapping IG Program Entities and Relationships – The IG Charter can include a diagram of the IG program governance structure, if desired.

Memorializing these elements of an IG program will help an organization communicate internally and externally about the purpose and goals of current IG efforts. An IG Charter is also helpful for aligning project goals with organizational goals as it relates to the governance of company information. It may be more feasible to draft the beginning of an IG Charter and add elements over time if the IG efforts at an organization are in the early stages of maturity.

In our experience, the early effort in creating a concrete, well-articulated IG Charter pays off in focusing senior executive or C-suite attention, not only on the overall value-add of the IG function, but also with respect to resources necessary to execute on specific future IG projects.

©2018 Drinker Biddle & Reath LLP. All Rights Reserved

TRENDING LEGAL ANALYSIS


About this Author

Amy Marcos, litigation lawyer, Drinker Biddle, Washington D.C.
Associate

Amy Ramsey Marcos assists clients with identifying their business, litigation, and regulatory obligations to optimize information governance practices. She has broad experience in several industry verticals developing and revising records retention schedules, supporting data remediation initiatives, and building change management plans to successfully implement information governance policies.

(202) 354-1322
Jason Baron, Drinker Biddle Law Firm, Washington DC, Litigation Attorney
Of Counsel

Jason R. Baron is an internationally recognized speaker and author on the preservation of electronic documents. Jason previously served as Director of Litigation for the U.S. National Archives and Records Administration (NARA) and as trial lawyer and senior counsel at the DOJ. 

As NARA’s Director of Litigation, Jason led the administration’s efforts to provide responsive White House email and other records in the massive U.S. v. Philip Morris RICO lawsuit, and assisted in the defense of lawsuits filed against the Archivist of the United States under the Freedom of Information Act, the Federal Records Act, and the Presidential Records Act in a wide variety of high-profile cases. As a trial lawyer and senior counsel for the DOJ, he appeared as counsel of record in landmark cases involving the preservation of White House email, statistical adjustment of the U.S. census, and early attempts to regulate the internet.

Jason was a founding co-coordinator of the National Institute of Standards and Technology TREC Legal Track, a multi-year international information retrieval project devoted to evaluating search issues in a legal context, and served as track coordinator for the first four years of the track (2006-2009). He also founded the international DESI (Discovery of Electronically Stored Information) workshop series, bringing together lawyers and academics to discuss cutting-edge issues in e-discovery. Since 2007, past DESI workshops have been held in Palo Alto, London, Barcelona, Pittsburgh and Rome, with a related workshop held in Beijing.

202-230-5196