Discover PerformanceHP Software's community for IT leaders // March 2012
The smarter approach to compliance
If you’re asking yourself, “How do I handle compliance,” you’re asking yourself the wrong question. It’s time to think bigger.
Compliance is not the problem. Poor information governance is the problem. When organizations approach compliance from a tactical perspective of “here’s the regulation, and here’s the solution that complies with it,” the result is a series of siloed deployments that address one concern at a time. The threat of lawsuits, for example, is the impetus for many rushed e-discovery solutions. The massive explosion of human-friendly content (documents, presentations, emails, spreadsheets, and so forth) makes compliance all the more challenging.
To avoid ending up with a loose collection of narrowly focused solutions that are incompatible and inefficient, enterprises must first understand and control all their data. The challenges of data, whether they be compliance with governmental and industry requirements or being able to handle an e-discovery request, are easier to master when you have technology that allows you to understand the meaning of your content. Approaching data governance holistically, rather than reacting to one requirement at a time, is imperative.
Better still, strong governance—the ability to set policies to control business content wisely across the enterprise, in-place without having to move the content—fosters stronger decision-making by reducing the confusion that comes with having too little or too much data. Taking a single-platform approach, so all related components (search, records management, e-discovery, etc.) work seamlessly across the enterprise data, solves this problem.
"Too little information leaves you unable to make the wise decision—and so does too much information," says Reed Irvin, vice president of information governance at HP Autonomy. "The trick is to keep information and comprehension in a state of equilibrium. The ability to keep exactly what you need for as long as you need it, and no longer and defensibly disposing of content can be achieved with the right technology."
From governance, compliance
Organizations should begin by understanding the meaning of their content. Once the meaning is understood, classification can take place. This facilitates defensible disposition, creating order from which strong governance can arise. The benefits of information governance are many:
- Know what you need, where to store it, and how to access it quickly.
- Properly, defensibly dispose of information you don't need.
- Excise data chaos and redundancies that cause confusion.
- Methodically eliminate gaps in your defensive strategies, providing proof of compliance and peace of mind.
- Minimize data storage and discovery costs.
Once you can accomplish all of that, regulations—even new or changing ones—cease to be a source of anxiety or risk.
Governance provides context and rules. Know what the information is, and you know what to do with it. Businesses have been trying to manage this for some time by requiring employees to manually apply metadata and perform other records management tasks such as filing their email. The process is time-consuming and subject to human error, fatigue, and indifference. Humans simply don’t scale well.
"Companies are asking their employees to perform tasks that have nothing to do with the job they were hired to do, disrupting business processes," Irvin says. "Your compliance efforts shouldn't rely on end users who, frankly, many times are actively trying to avoid the task. Automation is the key."
By eliminating human effort, automation provides a systematic and repeatable approach to understanding the meaning of business content without lowering employee productivity or introducing human error. Automation also lets companies keep up with an explosion of mostly unstructured, human-friendly data, which is being accumulated far faster than any human effort can handle.
One platform, many regulations
A smart, automated system of governance lets you make sure that you’re handling data as required by law and industry regulation, and in line with potential discovery needs. This can’t be done in silos. As discussed in our January/February edition, empowering a single authority on enterprise-wide compliance is a best practice. Investing in the technology to support holistic compliance objectives is the next, obvious step. The right solution will:
- Provide a comprehensive compliance strategy, not just point-solution responses;
- Automate key processes, such as defining business information and managing records;
- Intelligently limit data volume while eliminating defensive strategy gaps; and
- Provide an organized foundation for policy-based information governance.
For more on how a common, holistic information management platform can meet the dynamic demands of today's highly regulated business climate, read about Autonomy’s industry-leading records management solutions.
Welcome to a new reality of split-second decisions and marketing by the numbers.
Looking toward the era when everyone — and everything — is connected.
Introduction to Enterprise 20/20
What will a successful enterprise look like in the future?
Challenges and opportunities for the CIO of the future.
Dev Center 20/20
How will we organize development centers for the apps that will power our enterprises?
IT Operations 20/20
How can you achieve the data center of the future?
What the workforce of 2020 can expect from IT, and what IT can expect from the workforce.
Preparing today for tomorrow’s threats.
Data Center 20/20
The innovation and revenue engine of the enterprise.