Data and Information Governance: What is the Difference?

IGI Explores the Question with a Panel of Big Data and Governance Experts

C-level executives from a variety of industries involved in data storage, data management and data analysis came together at the Big Data Summit in Atlanta from May 17-19 to discuss how companies can effectively manage, protect and leverage the growing amounts of data in the enterprise.

The event, presented by Information Governance Initiative partner CDM Media, allowed attendees to explore strategies and technologies related to real-time data processing, data protection and privacy, meeting industry regulations and compliance, and data storage.

At the event IGI founder and Executive Director Barclay T. Blair led a panel discussion focused on data governance. The panelists were: Paul Childerhose, Director, Data Governance-Traded Products, Scotiabank; Holly Starling, Director, Information Governance,; Yogesh Joshi, Head of Big Data and Analytics, AIG; Ranjana Young, Senior Vice President, Enterprise Data, Northern Trust Corp.; and Scott Sokoloff, Chief Data Officer, OrderUp.

During the panel, Blair shared some key insights from the IGI’s 2014 Annual Report including the fact that 93% of the IG community agreed on this authoritative definition of IG: “Information governance is the activities and technologies that organizations employ to maximize the value of their information while minimizing associated risks and costs.”

Blair kicked off the discussion reflecting on the fact that one of the reasons governing information was so difficult was because people – even people within the same company – were unable to agree on the most basic of terms.

For instance, at many organizations, there are two completely different groups doing information governance: one focused on documents and the other on data – one primarily focused on risk, one on data quality, business intelligence and MDB (master data management).

The group agreed that there is not enough connection between the “data” and “information” governance worlds. As a result, the existing corporate governance structures are not sufficient to address both the promise and the risks of big data.

Blair also asked whether information governance actually provided any business value or if it was just about trying to comply with “ridiculous rules imposed on us.” If that was the case, then maybe companies should just sock some money away to pay fines for non-compliance and chalk it up to the cost of doing business, he said.

However, after different use cases and successes were presented to the panelists, they agreed that real value was being generated – through hard work.

“I know that when we talk governance, we are talking about the development, management and enforcement of rules on our data, regardless of the source of those rules,” Blair said.

In practice, however, there’s something very different between data governance focused on internally derived rules centered around technical or quality metrics, and information governance focused on compliance with external, imposed rules and laws, he said.

With the proliferation of information and data in all its forms, controlling it becomes increasingly complex.

“Can we get control of it? Should we even try in a world where it is becoming possible to keep everything forever?” Blair asked. “Are we moving to a world where we will keep everything forever, and if so, what does this mean for us as professionals, for our organizations, and for the world at large?”

The members of the panel agreed that this is already happening. New business models and technology innovations are making the cost of storage increasingly invisible. However, the need to understand and apply the right governance to data and information is only increasing.

“We need to clarify and improve the corporate governance of data governance,” Blair said. “[And] the governance of data and [the governance of] information should converge.”