two people working on a laptop

Establish Your Information Governance Foundation

Establish Your Information Governance Foundation

4 Minute Read

Audit, prioritize, retain, review: These four steps may not only save you money, they’ll also protect your business and your reputation.

As a culture, we’re creating information at an unprecedented rate. And this vast amount of mostly unstructured, mostly unmanaged, data sprawl has become increasingly lucrative to some of society’s least reputable actors.

Cyber-attacks have exposed billions of data records over the last year alone – and news reports reveal most firms involved were not even aware of how much data they were holding on to. Information governance, underpinned by strong security, is increasingly critical to keep data sprawl in check and security threats at bay.

Three Simple Questions

The transition toward more comprehensive information governance practices needn’t be overly complicated or technical – at least not initially. Any organization can kick start a by asking and addressing these three simple questions:

  • How are our employees and end-users working?
  • Where is our information stored?
  • Do we have full control of that information?

Every Organization’s Achilles’ Heel

Remember, it doesn’t matter how effective your document protection protocols are within the organization. As soon as it leaves your network, the document is out of your control.

Too many organizations use email as a de-facto content management platform. Despite its vulnerability to external threats, many employees use email as the channel to share sensitive information – putting tremendous amounts of data at risk.

How to Move Forward

Take these four simple steps to shift your information governance into gear:

Audit – Investigate and understand the range of information that you have within your organization. What needs to be managed? Where is it currently stored?

Prioritize – Assess the level of risk (i.e. compliance, regulatory, reputational, etc.) and determine what information and the associated management processes are most important for your organization.

Retain – Keep only the information you truly require. Inventory what you need to keep, for how long and who needs access.

Review – Revisit step three regularly. Pruning old information and data limits your exposure saves money and reduces data sprawl.

Finding Balance

Lifecycle management is integral to a strong information governance foundation. Automation will make it easier to control your information estate. However, you’ll need to strike a balance between making information accessible to the right users, extracting actionable intelligence and maximizing data security.

At the end of the day, the reward is worth the effort as you continue to see greater business agility, better decision making and more comprehensive risk management.

Tomorrow’s technology is shaping business today. To learn more about how MNP can help you lay the groundwork of a robust information governance program, contact John Desborough, Director Consulting and Technology Solutions at [email protected]


  • Confidence

    October 13, 2022

    Managing the new landscape of anti-money laundering risk assessment in financial institutions

    As FINTRAC becomes more stringent in its reviews of your risk framework, your risk assessment processes need to evolve with the landscape.

  • Performance

    August 31, 2022

    Key takeaways from Canada's amendments to the Retail Payment Activities Act

    Payment service providers and money services businesses must pay attention to recent amendments to Canada’s Retail Payment Activities Act, and future announcements.

  • Confidence

    May 31, 2023

    How to obtain an AGCO iGaming license for your business

    Looking to obtain an iGaming license in Ontario? Read our summary of the requirements to ensure you meet the AGCO’s expectations of your gaming business.