1.
Information Governance Outcomes and
Benefits
Establishing Information Governance requires clarity of vision and leadership.
“Without Vision our INFORMATION will perish and our people will cast off restraint!”
In setting up an Information Governance team and organizational structures it is helpful to define
what are our expected outcomes and benefits. Corporate governance regulations, like King IV, hold
the corporate accountable for the capital outcomes based on the outputs from the inputs that it
consumes. This responsibility has challenged me in several areas of my life, professionally as the
current DAMA South African President, I have been challenged to define the outcomes of the DAMA
professional certifications and as an Information Governance Advisor to large organizations to
ensure that the road travelled as the appropriate outcomes and benefits.
I have found it very helpful to spend time thinking about and defining these outcomes for the
specific areas stated above and then to study the more abstract outcome and benefit definitions. In
my study of the abstract definitions I have found a useful definition of the principles by AHIMA:
Information Governance Principles for Healthcare (IGPHC). At the same time, I was struck by the fact
that most of the principles can be applied personally and it made a lot of sense when thinking of the
old cliché “People trust people, not data”.
Our information should embody the same principles of a trusted advisor, if we expect business to
make strategic decisions derived from data. This is Information Governance ultimate goal to enable
business performance and value.
I have defined my abstract vision of Information Governance by defining:
 Outcomes
o What is the single most important information governance outcome?
o What other outcomes are core to the information governance vision?
 Benefits
o How do we remove the Information STRIFE in our organizations?
 (S): Reduce Stress caused by bad or inadequate information
 (T): Effective and Efficient use of time associated with information
 (R): Remove risks when working with information
 (I): Increase the income through the use of information

2.
 (F): Remove the fear and frustration caused by bad or inadequate
information
 (E): Reduce the costs (expense) of working with information
Outcomes
Major Outcome
Establish a SOLID EIM foundation based on information governance principles
that will enable business performance and outcomes.
We have to focus on the business value of information.
To do this, all our attention and efforts can only be applied to information that matters to the
business. We cannot put all information into this category which brings us to the realization and
cliché that “Not all information is equal”.
To ensure that we enable business performance and outcomes with information we need to
differentiate our efforts, targets and goals based on the value that information yields to the
business. This required a strict set of metrics and definition of the value of information.
Secondary Outcomes
The subsequent set of outcomes are based on the principles defined in IGPHC.
Accountability
Take ownership of what you can do to make information better at several levels:
Personal, Peer, Boss / Coach / Mentor, Public.
We need to establish a culture that publicly commits to take ownership of information at all levels.
Evidence of this outcome can be found in the maturity level of our data stewardship organization
and structure.
Transparency
We need to be aware of what is real and true.
This awareness will enable us to:
1. Solve information problems a lot faster
2. Build information collaboration easier
3. Grow authentic information relationships
4. Promote trust in the information provided
The net effect will be higher levels of business performance.

3.
Protection
As we classify information based on its level on sensitivity, value and criticality,
we can determine baseline security controls for its protection.
The lack of information classification leads us to baseline our security controls as either non-existent
or Top-Secret. Neither level of control is appropriate for an organization.
Compliance
We need to assure that the appropriate information management controls have
been enforced with good record-keeping practices.
Compliance is one of the core business drivers and by not paying attention to the required controls
and practices it becomes a matter of when the organization is caught and not if. The reputation of
the business is at risk if we are found to be non-compliant and this will not enable business
performance and / or outcomes.
Availability
We need to ensure critical information availability by determining the appropriate
levels of redundancy, failover and contingencies needed based on the risk of non-
availability.
The bottom line is that we need address information demands by ensuring that the right information
is available at the right time for the right purpose.
Retention
Excessive information volume is detrimental to the business. Information
retention programs define what information to retain, how long to maintain it
and how to dispose of the information when it is no longer needed.
This is based on the concept of Information Lifecycle. The information lifecycle begins at its creation
and ends at its final disposition.
Disposition
We need to establish defensible disposition of data to ensure that we control the
volume of information.

4.
Disposition includes not only the destruction but also any permanent change in information
custodianship. Custodianship can be transferred to another party due to merger or acquisition or
when an organisation discontinues a service.
Benefits
Stress Reduction
Achieving Business Performance levels can be very stressful if the required
information cannot be trusted.
Good and trustworthy information goes a long way to reducing stress in situations that require good
understanding of what is happening and making the right decision that will have long lasting
consequences.
Time effectiveness and efficiency
Bad and / or inadequate information will destroy effective and efficient use of a
resource(s) time. Running late for people and automated processes will increase
financial and reputational costs.
Good information doesn’t require all sorts of wrangling to get it into the format required to report
the business facts. Good information doesn’t lead to application and reporting failures. When the
information preparation runs smoothly, people can focus on delivering what is required.
Risk Removal
The ramifications of non-compliance and failure to deliver are getting higher and
higher and can lead to the demise of the organization.
We are expected to identify potential risks relating to information and assure the appropriate level
of controls are in place to address these risks.
Income Growth
Business Income is no longer restricted too physical and capital assets. Intangible
assets are playing a bigger role in the growth and well-being of a business.
Information is an intangible asset and opens up all sorts of opportunities for business diversification.

5.
Fear and Frustration avoidance
The fear of making the wrong decision and the resulting frustration with
information technology cannot be ignored when doing an impact analysis of bad
business performance and outcomes.
Fear delays decision making and frustration of incorrect decisions is difficult to quantify and hard to
gauge its impact. The business cannot be assertive in its decision making if it has to struggle with
information that it does not trust.
Expense limitation
We all talk about information as an asset but how long does it take and how
much does it cost to get information to a point where it is starting to enable
income generation.
When the cost of production exceeds the derived value, Information is no longer an asset but a
liability. If information is a liability, it needs to be disposed of.
Looking a the POSMAD lifecycle as defined by Denette McGilvray, the only time we derive value is
during the Apply phase, all the other phases: Plan, Obtain, Store & Share, Maintain & Dispose cost
the business. We need to move through the other phases as quickly as possible.