An essential prerequisite to the development of an information management system or embarking on a data-centric Cloud solution, Oyster IMS' IGMA programme benchmarks your current Information Governance practices and performance against eight Principles of good Information Governance.
The assessment provides a health check and guidance for your journey to effective Information Governance, which an essential to the efficient, secure and compliant operation of cloud-based activities.
IGMA has been carefully formulated to reliably meet two important objectives :
1. To provide an assessment of the level of maturity of the information governance environment within the organisation.
2. To provide a strategic vision and roadmap for information governance which informs future decision-making in this area.
The Information Governance Maturity Assessment Audit is comprised of five phases of work:
1. Sponsor interview
2. Workshops with information owners and stakeholders (IT, FM, Records Management, Legal, Compliance, Risk)
3. The online questionnaire
4. Follow up Q& A based on questionnaire responses
5. Analysis and report production
The sponsor should be a senior member of staff who can represent the views of the business.
The purpose of this interview is to obtain an understanding of the organisation and the type of work performed, the strategic direction in which the organisation is moving (in particular, regarding intended cloud activities, growth plans or imminent changes) as well as understanding the culture and values of the organisation. We also seek to identify any particular areas of concern during this interview so that these could be targeted throughout the remaining phases of the project.
This meeting would also serve as a more detailed explanation of the project to senior management and to secure senior level sponsorship for initiatives which come out of this assessment.
The objectives of these workshops is to gain a high-level understanding of:
- Current methods of dealing with all paper and electronic documents (including emails)
- Current information management issues
- Future requirements and wish lists
- Current information management initiatives under way with the firm
An online questionnaire would be issued to all relevant staff, to further our understanding of current procedures when dealing with paper and electronic documents. In particular, these questionnaires are critical in allowing us to identify variations in the Information Management practices adopted throughout your business, which would then be investigated as part of the follow -up phase.
The questionnaire usually takes 15 to 20 minutes to complete.
As an outcome of the IGMA process, we deliver a report which includes the following:
- A summary of the main information assets in use by the organisation.
- An analysis of existing Information Management practices across the business.
- Identification of areas of commercial or compliance risk in the way information is managed.
A set of strategic and tactical recommendations and “quick win” solutions designed to:
- Minimise any identified risks.
- Identify any cost savings which may be achieved by eradicating poor Information Management practices.
- Deliver Information Management compliance.
- Incorporate commercial best practice.
A senior executive oversees the information governance programme. The organisation adopts policies and procedures to guide personnel and ensure that the program can be audited.
An information governance program shall be constructed so the information generated by or managed for the organisation has a reasonable and suitable guarantee of authenticity and reliability.
An information governance programme shall be constructed to ensure a reasonable level of protection for records and information that are private, confidential, privileged, secret, classified, or essential to business continuity or that otherwise require protection.
An information governance program shall be constructed to comply with applicable laws and other binding authorities, as well as with the organisation’s policies.
An organisation shall maintain records and information in a manner that ensures timely, efficient, and accurate retrieval of needed information.
An organisation shall maintain its records and information for an appropriate time, taking into account its legal, regulatory, fiscal, operational, and historical requirements.
An organisation shall provide secure and appropriate disposition for records and information that are no longer required to be maintained by applicable laws and the organisation’s policies.
An organisation’s business processes and activities, including its information governance program, shall be documented in an open and verifiable manner, and that documentation shall be available to all personnel and appropriate interested parties.