Data Governance vs. Information Governance: Closing the gap

Blogs and Articles

Information Governance is generally accepted as a framework for managing information in all its formats, including the basic building blocks of data. But where does Data Governance fit in? Experts weigh in on the IG and DG relationship and how to maximize your information’s value and drive business goals by understanding each.

Sue Trombley
Sue Trombley
March 5, 20247 mins
Image of measuring

Iron Mountain’s 2024 Education Series kicked off with our first webinar of the year, Data Governance vs. Information Governance: Closing the gap. Addressing the long-standing relationship between information and data governance and what it means for organizations today, our panel of experts included Elizabeth W. Adkins, CRM, CA Emeritus, IGP at Davis Wright Tremaine LLP, and Patricia Fitzpatrick, Senior Director of Compliance, Privacy & Risk at Seyfarth Shaw LLP. We began the discussion with a poll where only 22% of the nearly 600 webinar participants said they understood the difference between Information Governance (IG) and Data Governance (DG). By the end of the discussion, this number jumped to a confident 89%.

Understanding the relationship between Information Governance and Data Governance involves not only clarity around definitions and functions but also the unique and dependent roles of each in furthering technology, compliance, and other organization-wide ambitions.

How do these two disciplines collaborate and complement each other within the broader scope of achieving enterprise goals?

Defining Information Governance and Data Governance

In today’s technology-driven world, managing information effectively is paramount for organizations of all sizes and in every industry. Information Governance and Data Governance emerge as indispensable frameworks for overseeing data, records, and information throughout their lifecycles. But how do we define these two disciplines, where do they intersect, and what role do they play in organizational objectives? It’s crucial to explore and understand not only the difference between IG and DG but also how they operate in tandem, ensuring that organizational goals are met effectively. Defining the two terms and their functions has been the subject of some ambiguity in recent years.

Information Governance is an organization-wide framework for managing information throughout its lifecycle and for supporting an organization’s strategy, operations, and ethical, legal, regulatory, risk, and environmental requirements. IG establishes the authorities, processes, capabilities, structures, supporting mechanisms, and infrastructure to be a useful asset while reducing liability.

Data Governance is a set of policies, processes, and practices to maintain an enterprise data model that addresses data quality, integrity, reliability, and usability within an organization. These include the management of data elements/metadata to ensure the data is standardized, accurate, consistent, and complete across systems. By informing both the business and in support of operational goals and strategies, DG allows organizations to turn data into information, knowledge, and insights.

While no two organizations will treat IG and DG the same, it is evident that these disciplines, while distinct, necessitate a harmonious approach to data lifecycle management. By understanding the relationship and interplay between IG and DG, organizations can better position themselves to achieve compliance, enhance security, and leverage data for strategic insights, thereby reinforcing their operational and competitive stance in the market.

Related: An IG perspective on data governance in law firms

The convergence of Information Governance and Data Governance for enterprise-wide business goals

Organizations grapple with various challenges in managing data and information effectively. These challenges include developing system controls for data classification and loss prevention, establishing retention and destruction protocols, and ensuring compliance with regulations such as GDPR and HIPAA. Today’s data, records, and information management leaders recognize a clear interconnectedness between IG and DG, albeit with varying degrees of integration across their organizations. The confluence of Information Governance and Data Governance represents a critical shift in organizational strategies toward managing data assets comprehensively and purposefully.

Related: A practical guide to managing data, records, and information

A key component of the convergence of IG and DG involves viewing both structured and unstructured data through multiple dimensions, including compliance and business purposes. Clean, reliable data enables organizations to extract valuable insights through analytics, facilitating the development of tailored pricing models and enhanced customer engagement strategies. The concept of a data supply chain underscores the dynamic nature of data as it moves through various stages within and outside the organization. By implementing comprehensive tagging and tracking mechanisms, organizations can effectively manage data throughout its lifecycle, ensuring its relevance and usability at every stage. This entails developing system controls and protocols for data classification, loss prevention, retention, destruction, and minimization. These foundational elements are crucial for ensuring proper access, security, and management of data assets across various repositories.

Communication is key. Know the key stakeholders in the functional areas within your organization because IG and DG do come together quite often. They are distinct disciplines, but individuals within an organization are often playing multiple roles.
Patricia Fitzpatrick, Senior Director of Compliance, Privacy & Risk, Seyfarth Shaw LLP

Additionally, organizations are turning to the importance of collaboration between Information Governance and Data Governance practitioners. While IG professionals may focus on retention limits and dispositioning data for compliance purposes, DG leaders prioritize data accuracy, completeness, and usefulness. A collaborative approach enables organizations to strike a balance between regulatory compliance and leveraging data effectively for operational and strategic objectives.

The convergence of IG and DG signifies a holistic approach to managing data throughout its lifecycle, from creation to disposition. By integrating these disciplines and fostering collaboration across functional areas, organizations can optimize the value of their data assets while ensuring compliance with regulatory requirements and business objectives.

The crucial role of Information Governance and Data Governance in the age of AI

Integrating IG and DG principles provides a roadmap for maximizing the value of data assets and driving sustainable organizational growth in the era of AI-driven innovation. As advanced AI tools become more prevalent across various industries, investment in both IG and DG becomes a strategic imperative for organizations aiming to harness their power effectively.

We’re in a situation where both Information Governance and Data Governance have become increasingly critical to ensure that the right controls are in place before exposing your organization’s data to generative AI tools.
Elizabeth W. Adkins, CRM, CA Emeritus, IGP, Davis Wright Tremaine LLP

AI tools are playing a major role in influencing IG leaders to evaluate and further manage the security and access of their organization’s enormous volumes of information. Information Governance is essential to ensure that there are stringent controls for the responsible implementation of AI. Individuals may have access to data and know what they want to use it for, but do they have the appropriate permissions?

The influence of AI and analytics on Data Governance is profound in its demand for the highest quality data to function optimally. Ensuring that data is appropriately tagged with relevant metadata is essential for AI algorithms to generate valid and complete results. Consequently, the foundational work of DG in maintaining accurate and reliable data is more critical than ever. The best use of AI emerges from having up-to-date, accurate, reliable data that is well-organized and properly protected from unauthorized access.

Related: Building a data foundation for generative AI

The symbiotic relationship between IG and DG underpins the successful application of AI within organizations, ensuring that data is not only compliant and secure but also positioned to provide actionable insights that drive business value.

Closing the gap

Without good cooperation between the two disciplines, each program will not be as strong as it otherwise could be.
Elizabeth W. Adkins, CRM, CA Emeritus, IGP, Davis Wright Tremaine LLP

Building relationships across organizational departments is essential for information governance professionals seeking to understand and integrate data governance principles. As technology continues to advance and data plays an increasingly pivotal role in various domains of enterprise success, addressing IG and DG challenges will be essential for harnessing the full potential of data while ensuring privacy, security, and ethical integrity. By focusing on collaboration, preparing the framework for the adoption of AI, and demonstrating value through measurable impact on business goals, practitioners can continue to effectively bridge the gap between information and data governance to drive organizational success.

diverse partnership

Foster cooperation and collaboration between the two functions

Establish metrics to measure success for leadership buy-in
legal 1
Balance the need for data mining and analytics with retention requirements
Start small, stay focused, don’t try to boil the ocean

Interested in learning more about this topic? Visit the Iron Mountain 2024 Education Series to watch the on-demand recording of Data Governance vs. Information Governance: Closing the gap and to register for upcoming webinars.