220 likes | 232 Views
Learn how to effectively implement a defensible disposal program in your organization, measure success, and overcome barriers. Improve information governance and reduce costs and risks.
E N D
Information Lifecycle Governance Launching a High Impact Defensible Disposal Program in Your Organization Measuring and Ensuring Success
Barriers To Launching a Program: Lack of Funding, Lack of Operational Model • Similar information governance starting point • 78% • cannot reliably dispose of data • Common goal and • approach • 98% agree rigorous discovery and defensible disposal of information is a desired benefit and requisite outcome of information governance efforts B A P In search of a better Information Governance Program On leadership: 57%of respondents’ companies had information governance - leadership committees yet only 17% said right stakeholders were at the table On ownership: only 25% of companies said the IG ownership model works well today On process management: #1 barrier to achieving IG is managing the enormity of the effort to make the change 2
Overcoming Funding Barrier: Quantify Economic Benefits of Defensible Disposal We could spend $35m less next year and lower our run rate We could lower run rate $3m now and spend $24m less over 3 years We could free up $150m to drive revenue and profit
Overcoming Operational Program Model Barrier: Establish a Strong Strategy and a Clear Execution Path P + Strategy: ILG Policy and Process Integration ILG Leadership and Execution Organization Focuses enterprise on ILG savings and risk reduction opportunity Drives charter, directive, resources and cross-functional accountability for ILG program. Metrics Align and engage enterprise stakeholders, focus progress toward process maturity targets, capacity requirements, goal achievement Process CapacityImprove and Integrate Processes, Consistently and Defensibly Dispose, Decommission. Automate processes, ensure transparency, provide capacity. Accelerated deployment to drive faster save. Asset Recovery Remove Excess Storage, Infrastructure Savings-prioritized recovery of infrastructure to drive P&L benefit LEADERSHIP EXECUTION LOWER LEGAL AND IT COSTS, REDUCED RISK
Operationalizing ILG Program is Only Possible with a Precise Path to Success Defensible Disposal-Driven Cost and Risk Reduction Opportunity Costs and Risks of ‘Keep Everything’
1. People and Organization Defensible Disposal-Driven Cost and Risk Reduction Opportunity Costs and Risks of ‘Keep Everything’
Governance Organizational Model: 4 Levels of Leadership, Program Structure • Executive Committee: • Validate Metrics, Objectives and roles and responsibilities as defined by Program Director and Senior Advisory Group • Process and policy resolution • Resources and capacity alignment • Audit onset and cadence approval • Senior Advisory Group: • Identity delegates and working group participants in their respective organizations • Process and policy definition • Monitor process maturation and workstream results in the area • Ensure capacity is aligned with program objectives • Program Director and PMO: • Drive execution on 15 core business processes based on business recommendations from function leaders and practice delegates • Communication and training plan oversight • Maturity assessment cadence and dependencies • Establishes audit cadence and ratifies audit onset • Reviews and ratifies implementation/maturation methodology • Working Group Delegates & Leads: • Audit onset timing • Process implementation/maturation methodology • Capacity and capability recommendations to line of business leadership and executive committee • Communication and training in their domain
Metrics, Measurements and Communication Metrics Communication and Reporting Roles and Cadence
2. Process Defensible Disposal-Driven Cost and Risk Reduction Opportunity Costs and Risks of ‘Keep Everything’
Enhancing and Instrumenting These 16 Processes Reduces Inherent Risk RISK ELEMENT Legal does not identify the right custodians. Actual, rogue or IT managed data sources are missed. IT or employees migrate, retire or modify data due to no hold visibility. Legal fails to follow through on information identified in custodian interview process. Collection failure from overlooked source, departing employee, incomplete prior collection inventory, communication and tracking errors. Unable to assemble, understand or defend the audit trail of discovery activities. Failures in record keeping and regulatory change management. IT ‘saves everything’ increases discoverable mass, complexity. IT disposes of data of value to the business or with legal obligation. Private customer data is exposed, theft, brand damage, or regulatory penalty occurs. Legal obligations for data are poorly understand and executed from miscommunication or lack of information. Systems are incapable of complying with information obligations IT lacks full facts on disposal of information so excess accumulates or data is lost Legacy data is poorly understood, overlooked in litigation, expensive or difficult to find and not reliably disposed Unable to reclaim or recover unused assets or allocate based on business need Unable to pass an audit on compliance with retention, preservation, protection and disposal policies Highest Risk M B C D N J E H I L G A P Potential Impact F K K J O N A P M B E H G I C L O F D Likelihood to Occur High risk Requires constant monitoring and review, immediate escalation on failure or impending failure. 50% likelihood Moderate risk Requires frequent monitoring to prevent and detect; costly to correct or mitigate.Between 10% -50% likelihood Low risk Does not require constant monitoring and is easy to prevent, detect, correct, defend. Less than 10% likelihood
Process Maturity Levels Target maturity level needed for defensible disposal, lower risk and cost INTEGRATED, INSTRUMENTED ENTERPRISE PROCESSES 4 • People in the group use the same method • Process is automated and facts are routinely incorporated in process • Process is repeatable, consistent and reliable in dynamic enterprise • Facts from adjacent stakeholders are routinely incorporated in process • Process provides enterprise transparency • Process dependencies and risks are systematically detected, communicated across processes SILO’ED, CONSISTENT & INSTRUMENTED 3 • People in the group use the same method • Process is automated • Process facts are routinely incorporated in departmental process • Process is repeatable, consistent • Process and facts are isolated in department Typical maturity level today, cause of excess data, cost and risk 2 SILO’ED, MANUAL • Facts are difficult to retrieve but available; isolated to dept • People in the group use the same method • Spreadsheets are stored in common place or in shared email 1 • AD HOC, INCONSISTENT • Inconsistent activity • Informal or incomplete • Facts isolated to an individual • Can’t easily be compared, reconciled or monitored HIGH RISK, COST HIGH TRANSPARENCY & CONTROL
Measure the Current State to Develop a Path ForwardThe Current State May be Manual and Silo’ed
3. Technology Defensible Disposal-Driven Cost and Risk Reduction Opportunity Costs and Risks of ‘Keep Everything’
Process Capabilities & Requirements • PROCESS TRANSPARENCYUnified Governance • Transparency across stakeholder processes • Common governance data model and enterprise map • Linkage of duties, value to information assets and business processes • Governance analytics • CREATE, USE • Optimal accessibility • Communicate value and duration • Tap governance liaisons • Access valuable information more easily • Analytics on volume/cost of information • HOLD, DISCOVERRigorous Discovery • Robust, affirmative legal holds for people, records, and data • Preserve in place automation where disposition occurs • Efficient data analysis and collection • Legal cost and risk analytics • STORE, SECURE • Efficient Storage • Store and optimize by value • Meet SLAs for structured and unstructed information access • ILG execution capability and enablement (holds, retention, disposal, collection) for data • Data hygiene and governance • RETAIN, ARCHIVE • Value-Based • Taxonomy and regulatory requirements • Business value inventory • Reliable, executable retention schedules for records and information of value • Archive during period of value only • Information cost and risk analytics • DISPOSE • Defensible Disposal • Catalog of information value and duty by asset • Legacy data clean up, application retirement • Procedures and capabilities for disposal by source • Risk and cost dashboard for information portfolio
IBM Solution Systematically Links Obligations and Valueto Assets to Address Root Cause, Lower Cost and Risk DUTY VALUE DUTY Department Laws & Regs Matter ASSET Retention Schedule Hold Systems Information 16
IBM’s ILG Solution Links Records, Legal, the Business and IT to Enable Defensible Disposal Instrumentation and Execution Capabilities by Stakeholder • RIM/Business - Records and Retention Management • Legal - Rigorous eDiscovery • Business/IT Value-Based Archiving • IT - Governance and Disposal
Summary – Information Economics Drive ILG Programs Defensible Disposal-Driven Cost and Risk Reduction Opportunity Costs and Risks of ‘Keep Everything’
IBM Has Strong Strategy and Clear Execution Path to Achieve the Risk and Cost Reduction Opportunities Strategy and Execution Drive Business Outcomes with Structure, Defined Processes, Metrics, Capacity & Accountability Policy and Process Integration Across Information Stakeholders Enables Disposal, Lowers Cost and Risk Governance Program Driving Savings and Risk Metrics Charter, directive and accountability for enterprise program. Savings achievement cadence and reporting. Program Office to Coordinate Stakeholders, Drive Benefit Achievement Ensures cross-silo engagement and progress toward maturity targets and financial objectives, change management Technology Provides Capacity to Improve and Integrate Processes, Consistently and Defensibly Dispose, Decommission Automates processes, ensures transparency, provides capacity. Accelerated deployment to drive faster save. Reclamation Removes Excess Storage, Infrastructure Savings-prioritized reclamation and recovery of infrastructure to drive P&L benefit STRATEGY EXECUTION >$300M enterprise value created over 3 years with lower legal and IT costs, reduced risk
Only IBM Provides Rigorous Compliance, Value-Based Archiving & Defensible Disposal Strategy, Software & Services
Learn More & Join the ConversationCompliance, Governance and Oversight Council Join the CGOC! • Forum of over 1600 corporate legal, IT, records and information management professionals. CGOC conducts primary research, has dedicated working groups on challenging topics, and hosts meetings throughout the U.S. and Europe where practice leaders convene to discuss discovery, retention, privacy and governance. • Mission: To provide executives the opportunity to benchmark and exchange case studies; its practice groups focus on discreet areas in preservation, retention, and information governance to deliver work products that help our members best approach the challenges in maintaining best-in-class programs. Online and in person events Regional and International summits Published materials
Additional Sessions • Improving Information Economics with Information Lifecycle Governance • Information Governance Programs - launching a high-impact defensible disposal program in your enterprise • Modernizing eDiscovery and Hold Process - Reduce risks, increase transparency • Modernizing Retention Program - Express Information Value • Value-Based Archiving and Defensible Disposal - Dispose rather than store unnecessary data