Information Governance: What s all the Hype? Raymond K. Cunningham, Jr. CRM, CA, CDIA+, CIP, CIPM University of Illinois Foundation 1
Questions What is Information Governance? Why should we care? What is the CIGP? Why was it created? How does this compare to other certifications? Is it worth my time and effort? 2
Disclosure: My role in the IGP initiative Attended all sessions building the certification Worked to create the domains I currently chair the examination development committee 3
Question What is Information Governance? 4
What Is Information Governance? ARMA s definition (2012) Information governance is a strategic framework comprised of standards, processes, roles, and metrics that holds organizations and individuals accountable to create, organize, secure, maintain, use, and dispose of information in ways that align with and contribute to the organization s goals. 5
Gartner Definition Gartner defines information governance as the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information. It includes the processes, roles and policies, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals 6
Buzzword Differences Information Governance Policy based control of information to meet all legal, regulatory, risk and business demands IT Governance Established frameworks and best practices to gain most leverage and benefit out of IT investments and support accomplishment of business objectives (see COBIT5) Data Governance Processes, methods and tools, techniques to ensure data quality, reliable, unique, so that downstream uses are more trusted and accurate. MDM tools can help 7
Over-arching Framework Information Governance is an over-arching framework that brings together the content to be managed, the technology to manage the content, the business requirements and the external drivers of the business. This is C-level management 8
Diamond Management Consultancy UK 9
So where does RM fit? Records management is one aspect of information governance Records Management Legal Business Privacy Technology 10
Domains of IG Strategic planning creating an IG framework, understanding TCO Policies, authority, roles, responsibilities Risk and Compliance Risk Assessment, profile, risk mitigation, cost/benefit Aligning technology with the IG framework IG is a program as such requires metrics and monitoring and controlling 11
QUESTION WHY SHOULD WE CARE? 12
Records and Information Management is Changing Records Management was once about boxes of paper, filing, physical security Digital records required a change in methodology for dealing with content A split between RIMS and IT developed who owns/manages the content? Governance was required 13
This is about alignment Aligning business, technology, risk under a single managed framework Silos are inefficient, ineffective and destructive to the bottom line Who should lead? IT? RIMS? Who should be the CIO? What is the difference between the management of the information and the technology? 14
Two Career Paths Clerk Analyst Records Manager??????? Programmer DBA Systems Admin CIO 15
Survey the RIM Landscape In 2007 the ARMA Core Competencies identified four levels of positions within the profession Level 1 RIM Practitioner entry level Level 2 Specialist/Analyst Level 3 Seasoned Records Manager Level 4 Executive Level Strategic thinker 16
So where do we go? As a seasoned RIM professional, where do you go? How do we gain a strategic foothold in the C-level suite? Change professions? Obtain an MBA? Do you specialize? Do you have the demonstrated skill sets to be the CIO? How would you demonstrate those skills? 17
Career Path - CIO No defined career path One survey showed 79% of CIOs had a graduate degree 58% masters and 21% doctorate 40% of postings for jobs did not state which major those degrees should be in 18
Careers are built upon: Education Experience Professional Development 19
SO WHAT IS THE CIGP? WHY WAS THIS CREATED? 20
1 st certification in information governance Broad-based set of skills and knowledge Next step for career professionals Computer-based testing; secure sites More information available at: www.arma.org/igp 21
Some suppositions going into the creation of the IGP The certification was to be different at a higher level than others This was aimed at the C level information governance Records Management was a subset of the knowledge required for this certification This is a broader set of knowledge domains 22
So how does this compare with any of the other certifications? 23
The training and certification Landscape CRM CA CDIA+ CIP CIPP and CIPM Certificates AIIM ERM, ECM PMP 24
Relevant Certifications IGP at the center integrates these various perspectives Expand your own knowledge base Work more effectively with these natural organizational allies 25
What s Covered on the Exam? 1. Managing Information Risk and Compliance 2. Developing Information Governance Strategic Plan 3. Developing Information Governance Framework 4. Establishing the Information Governance Program 5. Establishing Information Governance Business Integration and Oversight 6. Aligning Technology with the Information Governance Framework
What s Covered on the Exam? 1. Information Management standards 2. Privacy and security 3. Records Management The Principles 4. Business Practices 5. Legal practices 6. Strategic thinking! 7. Think Global!
The bigger question Is it worth my time and effort? Created in partnership with ARMA International 28
Purpose of the IGP Program Mission of the IGP Certification Program: Provide an information governance (IG) credential within an ethical and professional framework to support individuals to deliver organizational value and reduce risk. Certify a body of knowledge required for IG Assess individual proficiency against it Impact industry organizations Create trust and ethics in the IG industry
Value of the Credential For the individual Showcase your expertise Achieve recognition within your organization and industry Pursue career growth opportunities For the organization Increase compliance Reduce risk Use a holistic approach to IG Have a competent labor pool to draw from Leverage information for greater effectiveness
Is it worth it? The value in any certification becomes clear as time moves forward. What are you long-term plans for your career? Is this right for you? Indeed.com showed 365 jobs with Information governance 31
Is it worth it? It may not make any difference to your current employer but it may be the difference for a new employer What do you want your career path to be? Who are we partnering with? Have we seen job postings yet? 32
Certifications - Value over time Certified Records Manager Certified Archivist Certified Document Imaging Architech Certified Information Professional Project Management Professional Certified Information Privacy Professional 33
IGPs and CRMs: Key Partners Complementary Certifications CRM In-depth on RIM methods / tools Longer history IGP Natural career path for CRMs, and others Works at strategic levels; wide array of competency areas Works in collaboration with CRMs 34
Role of an IGP Strategic perspective Enterprise-wise perspective Leveraging information assets for maximum value Reduce costs Identify risks and noncompliance Harness management support Define solutions, controls, policies Collaborate across the enterprise
The Exam 36
What s the Exam Like? Time allotted is three hours. - 5-minute non-disclosure agreement - 10-minute testing tutorial - 2 hours 45 minutes for the exam 140 multiple choice questions - 125 questions are scored. - Only correct answers are counted towards your score. - 15 questions are being pre-tested for statistical purposes only.
Beta exam results The first group were the seasoned 20+ year professionals So far the pass rate has been high Complaints department 38
Recertification Requirements Demonstrate continuing competence: 60 contact hours in a 3-year cycle 10 hours required in legal 10 hours required in IT Maximum of 18 hours awarded for a single activity
IGP Governance Board Independent Established processes to: - Ensure validity - Provide fairness - Provide recertification requirements - Ensure public trust Coordinates various committees Responsible for credibility of the program
Recommended Candidate Background Option 1 Four-year degree (bachelors or equivalent); Three years of management or leadership experience in RIM, law, compliance, audit, IT, privacy, or security Option 2 Secondary degree (high school, associates); Six years management or leadership experience in fields above 41
How Do I Get Started? Application form at www.arma.org/igp Submit form, signed consent statements, and fees $599 When approved, you will schedule directly with Pearson VUE 4500+ test centers across North America and several other countries 42
How Can I Learn More? IGP Website (www.arma.org/igp) IGP Candidate Handbook IGP Application Form Code of Ethics DACUM chart Detailed descriptions of duties, knowledge, and skills Suggested Reading List Exam Blueprint Sample Questions Becoming an IGP roadshow in some cities (www.arma.org/r1/conferences/roadshow/arma-live!-2014-roadshows) 43
How Can I Prepare? Do a self-assessment against the DACUM chart How proficient do I feel in these areas? Review suggested reading list in weak areas Read suggested publications Take suggested online courses 44
The DACUM Chart 45
IGP Resources ARMA s IGP suggested reading list: http://www.arma.org/r2/igpcertification/suggested-reading ARMA s IGP examination study kits: http://www.arma.org/r1/bookstore/igpresources ARMA s IGP sample questions: http://www.arma.org/r2/igpcertification/sample
IGP Resources ARMA s IGP Maturity Model http://www.arma.org/r2/generally-acceptedbr-recordkeeping-principles/metrics Gartner- What is Information Governance? And Why is it So Hard? http://blogs.gartner.com/debra_logan/2010/0 1/11/what-is-information-governance-andwhy-is-it-so-hard/
Questions? Email: cunningham@uif.uillinois.edu Website: www.arma.org/igp 48