Log In

Eight Reasons It’s Time for a Data Map

A data map is an inventory and visualization of your company’s data and information assets. The rising number and severity of data breaches is generating strong demand for maps, and there are other reasons to create, improve, and sustain one.

  1. Data Maps Make Chief Information Security Officers (CISOs) More Effective. The newly hired CISO, on day one, wants to see the company’s data map. Without one, how would they know what they’re supposed to protect? Not all information is created equal, so it does not all require the same level of protection. How will your CISO identify and find the sensitive data? Without a data map, the CISO flies blind.
  2. Data Maps Drive Business. We live in the golden age of data analytics. Your teams want to harness vast stores of structured and unstructured data to develop needle-moving insights. However, they need the comprehensive awareness that a data map provides to know where the most accurate and trustworthy data lives.
  3. Your Board Wants a Data Map. The National Association of Corporate Directors, in its Cyber-Risk Oversight Handbook, instructs board members to ask management for a data map. Your board will not take kindly to being told “no” because data maps are an “ocean boiling” or “Golden Gate Bridge painting” exercise. Data maps are both of those when you do it wrong, but something else entirely when you do it right.
  4. Data Maps are Essential for Compliance. FINRA regulations in the financial markets, PCI for retailers, 21 CFR Part 11 for pharmaceuticals, and HIPAA in healthcare are some well known examples of the massive and growing volume of laws, regulations and standards focused on data protection. Frankly, it is very difficult to achieve compliance with these kinds of directives without a data map.
  5. Data Maps Let Us Actually Treat Data as an Asset. Data needs a sponsor at the corporate table, much like the head of HR has responsibility for the people in an organization. Most organizations do not have this role because – candidly – most of us blithely talk about information as an “asset” but few of us have the tools or the mandate to actually inventory, assess, and manage this asset. This needs to change, and the data map provides a central tool that this new kind of information leader needs to drive the change. This mandate might be given to an existing CIO, CFO, General Counsel, COO, or to an entirely new role that is emerging called the Chief Information Governance Officer (CIGO).
  6.  Data Maps Create Data-Centric Organizations. The process of data mapping involves people from across the organization, including IT, Finance, Legal, and business unit leaders, among others. This process engages employees and helps stakeholders across the organization think and act in a data-centric way. Critical questions emerge, such as: what data are we collecting and why; how do we use the data to make better-informed business decisions that create incremental value; and what can we do to ensure that the data is of high quality?
  7. Data Maps Make Good Housekeeping. Studies show that about two-thirds of an an average knowledge worker’s data is redundant, obsolete or trivial (ROT). Eliminating ROT lowers storage costs, and it’s easier to find and protect the useful data that remains. However, as many organizations hauled into court have discovered, getting rid of the wrong thing at the wrong time can result in enormous penalties and even criminal charges. Good housekeeping in the data environment is not possible without an accurate, comprehensive, and up-to-date data map.
  8. Data Maps are Doable. Data get balkanized within lines of business and in functional areas across organizations, creating unnecessary risk and limiting our ability to realize value from them. These assets reside in data centers; in devices such as cell phones, tablets, laptops and thumb drives; in the cloud; on paper; and elsewhere. New technology and techniques to locate, identify, track, and visualize data makes the job of building and sustaining a data map within the reach of every company.

Craig Callé is a member of the IGI Advisory Board, a small group of senior professionals and subject matter experts representing the disciplines that together comprise Information Governance. The Advisory Board provides feedback and direction on the IGI's agenda and strategy.

Skytop and IGI Events

How Does Information Governance Power the 21st Century Organization?

We have talked about our valued partner Skytop Strategies before - an organization that develops highly-engaging executive roundtable discussions around the globe on a range of topics that should be on the radar of every Chief Information Governance Officer and information leader in our community.

That's why we are excited to tell you about two great new events where we are partnering with Skytop to bring the IG message to executives and boards, and also to provide opportunities for IG professionals like you to learn and join that conversation.

Come to the May 19th Event in New York

The first event is The 21st Century Company - How It Creates Value, and for Whom which runs at Baruch College in Manhattan all day on May 19th, 2016. You can check out the full program here, but some of the highlights for IG pros are sessions on connecting risk management (a key facet of IG) to company performance; strategies for engaging diverse corporate stakeholders (a key challenge of IG); as well as discussion and insight from a stellar group of business leaders including:

  • Susanne Stormer, Vice President, Corporate Sustainability, Chief Sustainability Officer,  Novo Nordisk
  • David J. Westfall, Senior Director, Decision Support and Innovation Leader, AON Hewitt
  • Michael Madon, Chief Executive Officer, Ataata
  • Daryl Brewster, Chief Executive Officer, CECP
  • Livia Konkel, Director, Corporate Responsibility & Inclusion and Global Head, Diversity & Inclusion, Thomson Reuters
  • Karen Morris, Former Chief Innovation Officer, AIG
  • Chris Pinney, President and Chief Executive Officer. High Meadows Institute, Inc.

Discount for IGI Community Members

Even better, our partner Skytop is offering a generous 30% discount on event tickets to members of the IGI Community. To take advantage of this incentive, contact:

Colin Hines, Vice President of Delegate Engagement
Skytop Strategies

Cybersecurity and Information Governance

The second Skytop event we are excited about (and not just because we get to go to Rome) is the Skytop Global Cybersecurity Summit on  October 31st and November 1st, 2016. The importance of leadership from IG professionals on cybersecurity has never been more acute, which is why it is a major focus for the IGI. Our partnership with Skytop on this event will help us continue to fulfill our mandate to promote the adoption of IG around the world, and to provide opportunities for our community to learn and advance in their careers. It also helps us in our ongoing effort to expand the IGI footprint to Europe and beyond.

Barclay will be speaking at the Summit, which will convene 150 senior-level executives including heads of information technology, security, law, risk, governance, as well as audit and compliance, who are seeking solutions to complex cyber challenges in the market.

Stay tuned for more information on this great event.


From Ashley Madison to the eBay Hack: Cybersecurity Best Practices

Data breaches are on the rise. How can your organization avoid being the next headline? Join Barclay T. Blair, executive director of the IGI along with a panel of experts on this webinar discussion hosted by IGI Charter Supporter kCura and moderated by Dean Gonsowski. The panel also includes John Loveland, managing director at Consilio, a new IGI Supporter for 2016, and Judy Selby, partner at Baker Hostetler.

Wednesday, April 27, 2016
11:00 a.m. – 12:00 p.m. CDT

Tailored to IG professionals of all kinds (including attorney and information security professionals, our discussion will cover:

  • The connection between information governance and cybersecurity
  • Cybersecurity threats are worth your attention and resources
  • How in-house counsel are playing an increasingly active role in cybersecurity strategy
  • What companies can do to mitigate the risk of a breach

Register to attend here. 


2015-2016 IGI Annual Report

Press Release: Information Governance Initiative Publishes Industry’s Most Comprehensive Research Report

Think Tank’s 2015-2016 Report Shows Rapid Growth in IG Market and the Emergence of the Chief Information Governance Officer

Think Tank’s 2015-2016 Report Shows Rapid Growth in IG Market and the Emergence of the Chief Information Governance Officer

New York, NY – (PRWeb – October 16, 2015) – The Information Governance Initiative (IGI), the leading information governance think tank and community, today released their 2015-2016 Annual Report. This is the second year the organization has published the industry’s most comprehensive research on information governance as a concept, profession, and market. The report is based on extensive surveying of information governance practitioners and providers. Highlights from the report include:

  1. The IG Market Emerges. More IG professionals think there is a defined IG market, and that a category of “IG software” is emerging. IG professionals are doing work they consider IG; buying and selling products and services they call IG; appointing IG leaders; and identifying and executing on their 2015-2016 IGI Annual Reportorganizational IG priorities.
  2. The CIGO Takes Charge. The majority agrees that the Chief Information Governance Officer role is essential to IG success. The IGI’s advocacy for this role is starting to bear fruit, as the need for strong, senior, accountable IG leadership is increasingly acknowledged and acted upon. Of course, most organizations do not have a CIGO (yet), but the number of organizations designating senior IG leaders is significant and up from 2014.
  3. Taking Action and Spending Money. Most organizations taking action on IG have multiple IG projects in flight, and they are spending significant money to get them done. For example, large organizations have, on average, 7 projects that each cost over $750,000 and small organizations have 4 projects that cost $186,000 each.
  4. IG Spending and Revenue is Growing. Organizations doing IG predict that their IG spend will grow in 2016, and grow a lot, with nearly half expecting spending increases of 30% or more. Nearly all IG providers project IG revenue growth, with the majority projecting 20% growth or more, and over a third projecting growth of 30% or more.
  5. Key IG Concepts are Solidifying. Our most popular and widely-used infographic from last year’s Report was the “pin wheel” or “flower” that showed the information disciplines that together comprise IG. This picture remained remarkably unchanged this year, with only minor shifts in how IG professionals ranked each area. This suggests that a fixed picture of IG is at last emerging, and bodes well for the ongoing professionalization of IG.
  6. A Security Focus for IG. Across the board in our analysis we see strong evidence that security-focused activities are becoming a greater priority for IG professionals – reflecting not only an expected response to recent high-profile security breaches, but also a movement to integrate security into the larger IG whole.
  7. Strong Alignment Between Practitioners and Providers. Providers of IG products and services seem to have a clear picture of what IG practitioners want, what they are working on, and what they need. Remarkably, we see almost perfect alignment between the two groups in identifying the IG projects practitioners would do if they could, as well as the IG projects they are actually doing. This alignment is a sign of a healthy market that isstarting to use a common language to describe both problems and solutions.
  8. “Quick Wins” Are Not So Quick. Most practitioners report a staggering delay between the time they decide to undertake an IG project and the time it actually begins. Most report that it takes a year or more just to get started. This is too long and reflects the relative immaturity of IG decision-making, budgeting, and leadership. The good news is that each of these areas is improving, and we expect to see project start (and completion) times shorten in 2016.
  9. Economic Quantification is Important – To A Point. About two-thirds of IG practitioners told us that quantifying the economic impact of IG (using models like ROI and TCO) is important. However, only about one-third said they actually use such models to build support for their programs internally. At the same time, providers told us that in nearly all instances they are required to provide such calculations as part of the sales process. This suggests that many IG projects suffer from the same mix of politics, institutional inertia, and other human factors that bedevil all enterprise-focused projects.
  10. The Biggest IG Barrier is Education, Not Money. The top barrier to IG progress is not a lack of money but rather a set of factors including a lack of institutional education, communication, and leadership. The good news is that each of the top barriers identified by our community can be addressed without huge hard costs, enabling IG practitioners to make significant progress even without significant budgets.
  11. Value Creation Gains Traction. While IG clearly has its roots in risk-focused disciplines and activities, value-focused activities take a higher profile this year than last, which we see as further evidence that as IG matures and foundational problems are solved, paths to value creation open up. At the same time, the most common drivers for IG are event-driven (e.g., litigation, system migrations), suggesting that IG practitioners must continue to be intelligently opportunistic.
  12. Most IG Programs are Nascent but Progressing. Most organizations surveyed are taking some kind of action on IG, even if it is limited to addressing event-driven problems (in fact, most providers see their customers as mostly reactive in their IG projects). Most practitioners rate their IG programs as “nascent” or “intermediate” on a maturity scale, but tend to be more or less mature in each of the five specific variables that we measured.

“The fact that more and more organizations are hiring senior information governance leaders and investing in these programs is not surprising given the cybersecurity disasters we have seen in 2015,” said Barclay T. Blair founder and executive director of the IGI. “Today’s cybersecurity problems are rooted in yesterday’s failure to take the governance of information seriously. IG is the foundation of cybersecurity and privacy protection and also enables organizations to realize value from their information in an ethical and legally defensible manner.”

The IGI’s Annual Report was provided to all attendees at the IGI’s annual national conference, InfoGovCon 2015, that took place September 29-October 1 at the Connecticut Convention Center.

The Annual Report will be available for download in the Reports section of the IGI Community with other valuable reports and its infographics available for complimentary download under a Creative Commons license.

About the Information Governance Initiative

The Information Governance Initiative is a cross-disciplinary consortium and think tank dedicated to advancing the adoption of information governance practices and technologies through research, publishing, advocacy, and peer-to-peer networking. Join us at www.iginitiative.com.

Contact Information
Maribel Rivera
Information Governance Initiative
(866) 626-2917

IGI at ARMA International Conference

4 IG Questions You Can Answer with the IGI at ARMA International Conference 2015

Whether your organization is just beginning to explore information governance or looking for ways to formalize your existing approach, taking a critical look at your process and learning from other teams can help you make big strides toward success.

The ARMA International Conference is held annually to bring information professionals together to do just that: educate and inspire one another to stay ahead of a rapidly changing industry. This year, the show takes place October 5-7 in Washington, DC.

As you attend this year’s conference, network with peers, and dive into the sessions, we’re confident you’ll find answers to these five important questions.

  1. What are all the moving parts of a good IG program, and how do they interact? Every company is different, but the principles of a sound IG policy are often the same. What teams need to be involved, what interests are at stake, and what can you do to help them align?
  2. How can good IG prevent major security breaches? The media has been all over the high-profile security breaches that plague businesses in every economic vertical. Are there any IG best practices that can help lessen the impact of these breaches, or even prevent them?
  3. What’s your first step toward building your next IG project? You’ve gotta start somewhere—and the work never stops, either. How should you go about building your team’s next IG project?
  4. How can you build a career in IG? Information governance is in high demand, and it’s fueled by constantly evolving technology and business processes. If you’re in this fascinating space for the long term, which path should you follow toward the top?

At this year’s conference, we’ll be presenting several sessions to foster the discussion around these questions and more.

First, join us for an in-depth IG Boot Camp that will give you everything you need to dive into IG and begin implementing a program in your organization. You’ll come away with tangible next steps, tips for success, and hands-on experience building a project tailored for your team. The Boot Camp, entitled Getting Information Governance off the Ground: An IG Boot Camp, takes place before the full conference on Sunday, October 4 from 8:00 AM to 4:00 PM.

You can also find us at The Importance of a CIGO in Cybersecurity, where we’ll highlight the necessity of a strong leadership role for your organization’s IG and data security programs, on Tuesday, October 6.

Finally, Barclay T. Blair is presenting Wednesday, October 7’s keynote entitled IGgenius: Paving Your Pathway. We’re excited to hear the other panelists’ stories on the road to impressive careers in information governance.

If you’re attending this year’s show and would like to meet up with us one-on-one, use the online scheduler to book a meeting—we’d love to meet you in person.

The government symposium will also take place during the conference from October 5-6, sponsored by IGI Charter Supporter Iron Mountain and featuring Co-Chair Jason R. Baron. If you’re attending, find us at the showing of Decade of Discovery on October 5 from 3:30 to 5:30 PM, or the presidential debate on October 6.

We hope you’re looking forward to this year’s ARMA International Conference as much as we are, and we’re excited to see you there!