Citation
Lomas, E., Makhlouf Shabou, B. and Grazhenskaya, A. (2019), "Guest editorial", Records Management Journal, Vol. 29 No. 1/2, pp. 2-4. https://doi.org/10.1108/RMJ-03-2019-048
Publisher
:Emerald Publishing Limited
Copyright © 2019, Emerald Publishing Limited
Information governance and ethics – information opportunities and challenges in a shifting world: setting the scene
The information governance context
Information governance (IG) is a multidisciplinary approach to managing information, which has emerged over the past decade and continues to develop. With the rise of new technologies, we have seen the value of information receiving greater prominence and increasingly being commoditized (World Economic Forum, 2011). Information is now often co-created across global boundaries and blurred personal and public spaces, with complex ownership and legal regimes impacting. In response, frameworks to underpin the delivery of information through time have increasingly acknowledged the diversity of professional expertise needed to support a wide range of information contexts, including, for example, archivists, digital curators, digital forensics experts, IT support, lawyers, librarians, records managers, software engineers and technical infrastructure engineers (Makhlouf Shabou et al., 2017). Some frameworks have re-envisaged their profession and rebranded it IG, e.g. COBIT 5 (ISACA, 2012), which aligns the IT sector with information security, and the ARMA Information Governance Maturity Model, which aligns records management with IG (ARMA International, 2010). Others have perhaps underplayed the role of IG, representing it only as a niche component of information delivery, for example, the CILIP Professional Knowledge and Skills Base model defines IG as delivery within the information rights law space (CILIP, 2019), which does denote its significance for legal and ethical information delivery. While each of these models articulates a valuable aspect of IG delivery, it is important not to ignore the bigger implications of IG. IG is an overarching domain that acknowledges wide-ranging needs and complex relationships to manage information for the benefit of society.
The evolution of information governance
The roots of IG lie in corporate governance agenda, which sought to ensure ethical frameworks for managing organizations (Willis, 2005, p.86-87). However, IG grew and evolved as the value of information as an asset was increasingly recognized from the 1990s, as established in the work of Robert Hawley’s KMPG IMPACT Committee (KMPG, 1995). New technologies have enhanced its value exponentially in the twenty-first century, and in turn this has exposed information to new cyber risks, highlighting the need for information security systems. In 2010, Lomas made the case for records management and information security agenda to be aligned under the banner of IG, ARMA developed an ARMA Information Governance Maturity Model and Deborah Logan (2010) wrote a powerful Gartner blog post developing corporate governance agenda to take account of the role and value of information:
Information governance is the specification of decision rights and an accountability framework to encourage desirable behavior in the valuation, creation, storage, use, archival and deletion of information. It includes the processes, roles, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.
From 2011, Lomas provided masters-level IG teaching at Northumbria University, and Kerstin Ferguson-Boucher taught IG at Aberystwyth University; there is now a plethora of IG training and education on offer throughout the world. New bodies have evolved, including the Information Governance Initiative (IGI), which acts as a leading IG “think tank.” In 2014, Smallwood and MacLennan provided separate texts on the subject of IG. A report published by the IGI in 2018 has evidenced the growth of IG roles crossing over domains, including analytics, audit, big data, business intelligence, business operations and management, compliance, data curation and stewardship, data governance, data science, data storage and archiving, e-discovery, enterprise architecture, finance, informatics, information security and protection, IT management, knowledge management, legal, master data management, privacy, records and information management and risk management (IGI, 2018, p. 17).
The themed issues on information governance
IG is still an emerging and conflicted space, with significant gaps in the delivery in practice. The editors of these two themed IG Records Management Journal issues have noted in their own research the need to extend the ethical delivery of IG and the complexity of IG (Makhlouf-Shabou et al., 2019). This is difficult when working in global spaces with different perspectives on national security and openness, citizen freedom and privacy and ownership. The articles delivered within these two themed issues on IG provide a platform for further discussion, developing and in some instances debating differing perspectives. The works are set across different national borders and contain academic and practitioner perspectives. They provide a strong discussion of the literature in this domain, as well as the underpinning definitions and complexities of IG delivery. We see discussions on professional/discipline boundaries, for example, between information security and records management (e.g. Brooks and Xie). In addition, we see discussions on national cases in terms of differences and synergies, for example, in respect of archival, appraisal, deletion and e-discovery decisions in China, South Africa, Sweden, the UK and the USA (e.g. Fan, Klett, Lappin, Netshakhuma, Odezimir and Xie). The roles within organizations and the expectations of stakeholders are further discussed, including aspects of culture and leadership at organizational and national levels (Daneshmandnia, Kabata, Mpho, et al.). The articles discuss accountability, openness and trust (e.g. Svärd, Shepherd et al. and Engvall), as well as the need for greater co-creation and participatory practices in complex spaces, including around the generation of records and captured memories for children in care (Evans et al. and Thiarai). The challenge of new technologies are considered in a number of articles and specifically in the context of Blockchain by Hofman et al. In addition, Upward provides some new philosophical perspectives, repositioning the continuum within IG thinking. These articles challenge assumptions and argue for further research and debate in this sphere.
The future
Looking forward, as noted by Daneshmandnia, to date, models for IG have been limited to specific contexts and need extension; they have perhaps been too organizationally focused. In addition, as noted by Evans et al., there have been limits in terms of the extent to which co-creation has been enabled to generate information/records. As new technologies change our world, bigger ethical visions must be forged, taking into account old and emerging dangers. The holistic nature of IG provides opportunities to deliver frameworks that balance needs to ensure that advancement is not at the expense of society and to try to reach desperately needed international consensus and legal agreement. The articles within this issue demonstrate the complex and diverse nature of IG. To meet this challenge, the editors would posit a broader definition of IG in 2019 as:
Information governance provides a holistic ethical framework which takes into account a range of societal and individual stakeholder information needs. It enables a just process of information co-creation, sharing, management, ownership and rights including retention and deletion rights, economics, accountability and openness considering confidentiality, privacy and security needs. It transcends organizational, national and technological boundaries but takes into account diverse cultural, individual/family, community, organizational and societal needs. It is supported in its delivery by a range of practitioner expertise and citizen engagement.
References
ARMA International (2010), Information Governance Maturity Model, ARMA, KS.
Chartered Institute of Library and Information Professionals (CILIP) (2019), “Professional knowledge and skills base”, available at: www.cilip.org.uk/page/PKSB (accessed 1 January 2019).
Information Systems Audit and Control Association (2012), COBIT 5 – Control Objectives for Information and Related Technologies, Information Systems Audit and Control Association, IL.
KMPG (1995), Hawley Committee: Information as an Asset-Checklist and Explanatory Notes, KPMG, London.
Logan, D. (2010), “What is information governance and why is it so hard?”, Gartner blog, available at: http://blogs.gartner.com/debra_logan/2010/01/11/what-is-information-governance-and-why-is-it-so-hard/ (accessed 1 January 2019).
Lomas, E. (2010), “Information governance: information security and access within a UK context”, Records Management Journal, Vol. 20 No. 2, pp. 182-198.
MacLennan, A. (2014), Information Governance and Assurance, Facet, London.
Makhlouf Shabou, B., Lomas, E. and Grazhenskaya, A. (2017), “Information governance in european public administrations”, Archives, Citizenship and Interculturalism conference, ALA ACA.
Makhlouf-Shabou, B., Lomas, E., Guercio, M., Katuu, S. and Grazhenskaya, A. (2019), “Strategies, methods and tools enabling records governance in a cloud Environment”, in Duranti, L. and Rogers, C. (Eds), Trusting Records in the Cloud, Facet and SAA.
Smallwood, R. (2014), Information Governance: Concepts, Strategies, and Best Practices, Wiley, CA.
Willis, A. (2005), “Corporate governance and management of information and records”, Records Management Journal, Vol. 15 No. 2, pp. 86-97.
World Economic Forum (2011), Personal Data: the Emergence of a New Asset Class, Geneva.
Further reading
Blair, B. (2012), “Advancing a definition of information governance essays in information governance”, [on-line]. 24 February 2012, available at: http://barclaytblair.com/2012/02/24/advancing-a-definition-of-information-governance/ (accessed 1 September 2018).