Much has happened in the world of information governance since 2012. I use 2012 as my yardstick because that’s when the original CGOC Information Governance Process Maturity Model was created. The writers and working group members who put it together were experts and visionaries, and as such, over the last five years, the model has retained its place as the industry’s indispensable guide to building and measuring a comprehensive Information Governance program.
Now, however, with almost weekly announcements of breaches at large corporations and the government, organizations no longer wonder “if” they will be hacked, just “when,” and they take the threat much more seriously. Meanwhile, governments and the business community have placed an increasing emphasis on a person’s right to data privacy.
Another key development is the increasing acceptance of the science behind analytics and machine learning. The obstacle they now face is how to collect and use data legally, ethically and within the parameters of their compliance structure. This has led to the emergence of the Chief Data Officer (CDO), who leverages, protects, and promotes an organization’s rapidly growing data assets, ensuring quality and provenance.
Cloud adoption has been another significant shift over the last five years as it continues to get cheaper and easier to outsource data to someone with the infrastructure to handle it. However, with that come IG challenges, including those around classification, over-retention, Shadow IT and geolocation.
As a result of these shifts and trends, it became necessary to update the CGOC Information Governance Process Maturity Model, revising some old processes and adding new ones to guide practitioners through the developments. The new Cloud Computing process ensures Information Governance safeguards are applied to non-traditional procurement and provisioning channels such as cloud services. The Data Quality and Data Lineage process focuses on ensuring data is accurate and fit to serve its intended business or compliance purpose. The Privacy and Data Protection Obligations section now reflects evolving data privacy concerns, including the impact of the GDPR. The cost lever, Data Security: Cost Reduction through Process Maturity, helps organizations measure the impact process improvements can have on the per record cost of a data breach.
Updated by Heidi Maher, Executive Director, and Jake Frazier, Faculty Chair, of the CGOC, the latest release of the guide includes the following:
Three additional processes relate to data security best practices:
Become a member of CGOC to get unlimited access to our resources to get the insight, interaction, and information you need to make good business decisions. Already a member? Sign in
Not a member? Join the community
Already a member? Sign in
Become a CGOC Member and have access to resources, white papers, surveys, proceedings, and practice tools such as the Information Economic Process Assessment Kit. CGOC Members receive first priority to regional CGOC executive meetings around the world.
Asterisks (*) indicate fields required for registration