InfoGovANZ

Information Governance Think Tank

InfoGovANZ

InfoGovANZ releases the Information Governance Primer

by

Susan Bennett, Executive Director of Australian based think tank, Information Governance ANZ (InfoGovANZ), is delighted to launch the Information Governance Primer, which provides a wide-ranging overview on the fundamentals of good information governance.

In today’s digital environment, the growing number and complexity of challenges associated with data and information have outpaced traditional information and records management practices.  The Information Governance Primer address these challenges by providing a guide to developing a holistic enterprise-wide system to mitigate risks and maximise opportunities.

“The COVID-19 pandemic has highlighted the importance of access to accurate and real-time data for decision-making by senior executives and boards, access and reliability of organisational systems and information for employees to carry out day-to-day work and for decision-making at all levels throughout the organisation and information security and the increasing cyber risks arising from working remotely and the increasing use and reliance on third-party platforms and software.”

The Information Governance Primer was developed to address these unfolding issues and provide practical guidance in how organisations can implement robust governance to mitigate risks. It assists professionals to develop a well-executed IG framework and program, with appropriate leadership to deliver effective security and control of data and information by reducing costs of holding information and maximising the value of information held by the organisation.

The Information Governance Primer not only articulates persuasively the rationale for implementing good information governance, but aims to equip IG practitioners with the knowledge required to build and improve information governance across a range of organisation types including government, corporates and not-for-profits.

Ms Bennett explained, “InfoGovANZ’s mission to build the knowledge of IG, best practices and innovation led to the development of the Information Governance Primer which addresses the critical issues and challenges the IG community faces in creating and deploying effective governance”.

The Information Governance Primer provides a general overview of information governance, covering a range of important factors including the key drivers of IG, benefits of successful IG implementation, an outline of IG models and frameworks plus the role of IG leadership in establishing robust information governance.

The Information Governance Primer is free for InfoGovANZ members and is available here. New InfoGovANZ members receive a free copy when they join. Find out more about membership, including a range of benefits here.

Richard Kessler

by

Richard P. Kessler, CEO of Classifi and member of the InfoGovANZ International Council, is a pioneer in the fields of information governance, data governance, legal operations, eDiscovery and infonomics.  As the CEO of Classifi, Richard leads with a vison focused on bringing innovative solutions to complex data challenges.

Prior to taking the leadership role at Classifi, Richard was a Director at KPMG in Cyber Security Strategy and Governance as part of the U.S. Information Governance and Privacy practice.  In this role, Richard created the Data Value Model innovation comprising the ideation, design, development, expansion, and integration across multiple data and information disciplines.  Richard was pivotal in orchestrating integration of governance across pillars leading to a new way of thinking about data.

Richard fostered a great many of his ideas as an innovator and inventor during his 25+ years of experience in the global financial services industry with Citigroup and UBS, as a Vice President and Executive Director, respectively.  He developed and implemented frameworks to address information lifecycle governance, eDiscovery, cyber security and privacy requirements to address highly complex and dynamic regulatory and business environments.  Richard assumed senior leadership roles in Architecture and Technology Engineering; Group Information Security; IT, Contracting and Shared Services Legal; and Legal & Compliance Systems and Strategic Planning.

You can read more of Richard's articles here.

 

Tell us about yourself?

A driving force in my life is to make a noticeable, positive impact on society - one person at a time, in any way I can. It's what drives me personally and professionally. My business role aligns well: I'm currently serving as the CEO and co-founder of Classifi, a startup based in Omaha, Nebraska, in the United States. Together with my team, we’re building Classifi into a new type of technology company, which moves fast 'enough,' is mindful of 'breaking things,' and keeps the individual and their rights front and center.

 

What led you into the world of Information Governance (IG)?

In 2001, I became responsible for leading the technology infrastructure recovery of 7 World Trade Center for a particular Citigroup business, where we necessarily had to develop a new and holistic view of enterprise data requirements spanning multiple perspectives effectively overnight. Building on that experience, I held roles in records management, eDiscovery, data architecture, ESI consulting, and other complementary fields over the next 5-10 years. These roles prepared me well for a global position leading Information Governance at UBS, followed by a role in Cyber Security, Privacy, and IG at KPMG and, ultimately, for my current role in developing Classifi. I accelerated my learning by participating in numerous IG conferences, forums, and events over the last 20 years. I found that I assimilate new information much faster by working with industry experts in their specific fields – by speaking with them or presenting with them to teach others, for example – and I've been privileged throughout my career to be surrounded by some very accomplished subject matter experts.

 

Tell us about your current role in IG?

We're currently working on a new platform that will enable business leaders and business developers to identify hidden, new sources of revenue from their own data and - more importantly - what's available to them in other places, such as publicly available data streams and data available to them through their supply chain. This platform will facilitate unprecedented data transparency and collaboration and provide a holistic view of risk and value scoring of enterprise data assets at scale in near real-time. Among other perspectives, it requires an IG-type approach that considers the business needs of all data users, coupled to accelerate digital transformation.

 

What pressures are organizations facing to ensure IG best practices?

In addition to data volume problems, organizations have massive data quality problems; in particular, obtaining data that is accurate, trustworthy, and timely seems to be getting more complex instead of more straightforward. Organizations continue to needlessly stockpile data without understanding its meaning, context, value, risk, and level of trust, hoping that "someday it will be valuable." Would you purposely fill up your pantry with old, half-eaten food that is past its shelf life? Of course not, but that is what organizations are doing with their data. The tragedy is that identifying and getting access to clean and reliable data is exacerbated by poor data management and information governance practices coupled with the more hands-off approach of data in the cloud and places other than in their directly controlled systems. Unfortunately, this is nothing new; however, this problem extends far beyond a particular organization's data swamps to the sum of all data they may rely on, regardless of where it resides. For example, if the organization makes growth decisions based on outdated information, they create unnecessary expenditures, leading to wasteful, misdirected investment and opportunity costs.

 

What are the biggest developments you have seen in the IG?

Current IG and data management innovations are being propelled by the realization that value-driven insights require curated data assets from the data supply chain at scale. If organizations want to stay competitive, they must act quickly to level up their data management, IG, and digital transformation capabilities or risk becoming irrelevant.

 

How have you adapted your career and/or since COVID-19?

Our firm is a work-from-anywhere organization. We've built it from the ground up during Covid (founded in September 2020!) to cultivate, appreciate, and reward individuals regardless of their location and role.

 

What is a fun fact about yourself?

I'm a certified PADI scuba diver and have dived off the coast of Florida and Mexico. Although I can't wait to go scuba diving again, given the challenges with international travel, and sharing equipment during Covid, I've decided to learn how to fly planes. It's a skill set that is computer simulation-friendly, so I can do it from home and "virtually" see new places and can help obtain a pilot's license in the future.

 

Is there anything you would do differently if you were starting your career now?

I'd be conscious of mentoring more people, and especially many more women, to drive more diversity in our industry. I'd want to have 3-5 years in a role as a data scientist and, separately, 3-5 years as a data engineer. There is nothing like working in a particular role to glean the necessary experiences and insights to have an in-depth understanding! I have deep appreciation and admiration for those skill sets, amongst many others.
9. Do you have any tips for someone starting in IG?
Focus on one discipline at a time and immerse yourself fully in it. Listen to the experts. Build an extensive checklist for yourself that summarizes everything you've learned. Do this five times over five years with five IG fields. This approach will significantly expand your vision and breadth of knowledge. Try to find a single employer that will give you such freedom (Citigroup was very kind to me – every two to three years, I changed roles but remained at the same company). Listen more than you speak. There is almost always something to learn from everyone around you. Always try to be kind and patient with folks, and they will be happy to teach you continually. Pay forward the kindness and mentorship you receive.

 

With the rapidly evolving technologies and digital disruption, where do you see IG heading in the next few years?

IG must evolve beyond a risk-focused lens to stay relevant and shift to become a value-driven field that completely integrates risk but doesn't lead with it. IG may be assimilated into new digital transformation strategies that keep the individual human at the forefront of command and control, not the AI, and that truly minimizes the overcollection and retention of worthless data. IG practices need to counter the pure profit-driven handover of our futures to such AI.

 

Why is it essential to be a member of InfoGovANZ?

I find InfoGovANZ to be one of the best forums to become focused and knowledgeable about leading practices and collaborate on how to best approach global information governance innovation. It's also a great forum to learn from IG experts and insights spanning many industries and roles.

Protection of Personal Information in Universities

by

The protection of information by universities has come under focus in recent years as a number of Australian universities have been subject to cybersecurity attacks. These attacks highlight the risks of data breaches and the potential impact on students, staff, and research participants. This led to the Office of the Victorian Information Commissioner (OVIC) examining the policies and procedures that Victorian universities have implemented to protect the personal information that they hold from loss and misuse. The Victorian Information Commissioner released its report on  the Examination of Victorian universities’ privacy and security policies report on 29 June 2021 (report).   The findings included that not all universities have clear policies and procedures to guide staff to destroy personal information when it is no longer needed, and some do not have written guidance about sharing personal information with third parties to support staff to consider information security risks. The Victorian Information Commissioner, […]
Member only content (join now)

Carol Feuerriegel

by

Carol Feuerriegel is a member of the InfoGovANZ International Council,  Intel Leader and Group Manager of Enterprise Information and Knowledge for Inland Revenue NZ. She is an expert in information management practice with extensive experience working with Australian and New Zealand organisations as their lead on enterprise information management, information governance and enterprise information architecture.

Carol’s experience spans both public and private sector industries including higher education, local government, engineering & project management, health & medicine, banking & financial services, law, energy and transportation.

Carol holds Master’s degrees in Information Management and in Information Architecture, with Bachelor’s degrees in Library and Information Science, and an Honours degree in Sociology.

Carol is currently completing doctoral research with Victoria University of Wellington in the area of Information Governance, Privacy and Decision-making with a research focus on understanding the relationships between information governance as a component of corporate governance and the data and information required to enable robust delegated decision-making in large organisations.

 

Tell us about yourself?

I am a dual citizen of Australia and New Zealand and I currently live in regional South Australia and work full-time remotely in New Zealand.

I started work in libraries not long after I left school. I completed an undergraduate degree with Honours in Library and Information Science and worked in a range of public, private, and academic libraries. I became involved in corporate information management and records management when I started working for a mining company during the resources boom and subsequently completed a Master of Information Management. After working as an Enterprise Information Architect and Information Governance Manager at Queensland Rail, I followed up with a Master of Information Architecture a few years later. Along the way I also completed the ARMA Information Governance Professional certification (IGP).

 

What led you into the world of Information Governance (IG)?

I have worked in a variety of roles in a variety of different industries and organisations in my career. I love the flexibility I have as an information professional, but I also realize the reason my skills are sought-after is because organisations in every industry are struggling with the same issues - How to maximise the value of data and information while minimizing the risks. Responsible and effective information management is an uphill battle unless there are foundational elements in place that enable an organisation to understand what data and information they create, store, and use and there are the right mechanisms in place to make informed decisions about its management – without these foundations it is a losing battle. I don’t like to lose! So, I started to research and develop the IG tools I needed to do my job well. This included defining the key enabling capabilities that organisations need to have in place, what instruments they need to effectively govern data and information, and what accountabilities and decision rights are needed to enable the right actions to be taken.

 

 Tell us about your current role in IG?

My current role is the Intelligence Leader for Enterprise Information and Knowledge (Kaihautū Mōhiotanga in te reo Maori) with Inland Revenue New Zealand (IR). IR has about 5000 staff in locations across New Zealand. Every citizen or resident of New Zealand is a customer of Inland Revenue. In addition to being the primary revenue agency for the NZ government, IR also administer social policy programs such as Child Support, Student Loans and Kiwsaver (the kiwi version of superannuation). I have been with IR for about three years reporting to the Deputy Commissioner for Information and Intelligence Services. I have a few different teams reporting to me – Information Governance, Information & Knowledge Management (which includes records management) and Information Sharing. In December 2021, the Digital Content Management team which manages IR’s web sites and online tax system will also join us. I lead a wonderful and diverse bunch of information professionals who very ably manage operational information management processes for Inland Revenue while I focus on information strategy and on building our information governance capability.

 

What pressures are organisations facing to ensure IG best practices?

Modern organisations are facing enormous pressures these days. There is significantly more information in our landscape and it’s no longer captured in old-style information systems. ‘Old-style’ in the sense that the data being captured is structured or semi structured and therefore easier to manage. Many of the systems corporate and public service entities now use are democratised – employees have a lot more freedom to capture and create information and save it onto corporate infrastructure through collaborative technologies. The introduction of social computing like M365 into the business landscape has also meant that organisations not only have to manage the information that their employees are creating in their formal IT systems as part of business processes; they must also maintain oversight over collaboration spaces and ad-hoc online conversations. This means they must focus on building information capability and awareness in their employees through training, education and experiential learning programmes, so their employees know how to ‘do the right thing’ with the organisation’s data and their customer’s information.

The range of data, information, and knowledge that organisations are accountable for is huge and the governance issues are equally huge – and multi-dimensional. They range from the basic supply and quality issues that every organisation must address to get the ‘right information to the right people at the right time, and the whole-of-lifecycle activities which ensure that the organisation’s information environment isn’t complex and bloated with redundant and out-of-date information, to the dynamic challenges of data protection and information ethics. Responding to these pressures requires robust foundational IM capability; and answering the emerging questions around the responsible uses of data and information requires strategic thinking and mature future-focused information governance. There is a huge opportunity for information governance practitioners to deliver real value and make a significant contribution by building their organisation’s information governance muscle.

 

How have you adapted your career since COVID 19?

All my previous qualifications I have completed remotely via distance learning through Charles Sturt University (NSW) while working full time– so working remotely as I do now is actually ‘my happy place’! However, in 2016 I was thrilled to join the PhD Programme at Victoria University in Wellington ‘in person’, where my research focus has been on developing an enterprise Information Governance framework and the tools needed to support effective information governance. Unfortunately, COVID and family commitments have made ‘in person’ participation impossible, but I am continuing with my research from South Australia, working with some very talented people (Doug Lambert and the IG team) at Inland Revenue to road-test the thinking and the tools in the real world which has enriched and accelerated my research enormously.

 

With the rapidly evolving technologies and digital disruption, where do you see IG heading in the next few years?

What experience has taught me is that with the right Information Governance tools in place an organisation is no longer perpetually in crisis mode, responding to spot-fires like security breaches or compliance failures, with inadequate understanding of either their business opportunities or their risk position. Technological change is a given so organisations need to be able to adapt in response to these changes but to also understand the principles they need to adhere to ensure they can realize value without creating unacceptable risk. Information governance is fundamental to effective corporate governance and social responsibility which requires a clear line of sight for ownership and accountability of the information assets and practices supporting the business and shaping business decisions. A robust IG framework enables an organisation to respond to changes in the external environment in a deliberate way. Emerging issues like privacy, consumer and indigenous data rights, and information ethics (the ‘Just because we can, should we?’ questions) can be discussed and addressed proactively (instead of reactively) by the right people at the right level in the organisation.

 

Do you have any tips for someone starting out in IG?

I think it’s important to recognise that data, information, and knowledge are all elements of a continuum. The nature of the transition is that data becomes information, information becomes both tacit and explicit knowledge for the people who work with it. Whether it is a resource (raw data) or an asset (information or knowledge), each has different characteristics; each need different management techniques but the governance an organisation applies must be consistent and principle-based for all these elements or else you run the risk of solving a problem for one element that either diminishes the value of or amplifies the risks with one of the other elements.

 

Is there anything you would do differently if you were starting out your career now?

Not a thing! I have loved every minute of it, and I look forward to taking on the challenges that things like the hybrid workplace, artificial intelligence, data sovereignty and algorithmic transparency will bring. A career mantra I would memorize though is ‘Information is not technology’ - if the organisation you are working for can’t tell the difference – find another organisation!

 

A fun fact about yourself?

Hmmm, well it’s fun for me! I have recently become obsessed with sea kayaking. I spend every spare moment either paddling, buying kayaks (I am up to four!) or reading books about kayaking. It’s the only legitimate exercise I know that I can do sitting down!

 

Why is important to be a member of InfoGovANZ?

I love InfoGovANZ as it gives me the opportunity to connect with other people who are as passionate as I am about the role information plays in people’s lives – for good and for bad. There is such a great range of expertise and knowledge in InfoGovANZ members, and they are generous in sharing their knowledge freely. I think it’s a great professional community and I always look forward to participating in our conversations.

IAM 2021 Events Summary Report

by

Information Awareness Month (IAM) is the opportunity for industry bodies and industry practitioners to work together to celebrate the amazing profession of managing information. The collaboration of industry groups continues to evolve by strengthening relationships which in turn, provides added exposure to all things information for all members. Industry bodies worked together to determine the trending issues impacting Information Management (IM) in 2021 and agreed that the National Archives of Australia (NAA) new policy “Building Trust in the Public Record” provided guidance on the theme for this year’s IAM. The IAM 2021 Events Summary report provides collaborative group members a summation of the discussions that occurred at each of the round tables with ideas to follow up in the ensuing years.
Member only content (join now)

NAA receives $67m to digitalise old records

by

Almost 300,000 records of Australian history including radio recordings of former prime minister John Curtin and a petition to King George V for Indigenous representation in Federal Parliament will be saved after a $67.7 million funding injection into the National Archives. The Tune Review, released in March this year said immediate action was needed to preserve deteriorating records in paper-based form, as well as magnetic tape audiovisual records, photos and film, to ensure they weren’t lost forever. Cybersecurity was also underscored as an urgent priority, with the collection of government records otherwise vulnerable to obsolescence, attack, compromise or loss.
Member only content (join now)

Protection of personal data in universities Examination Report

by

Victoria’s Information Commissioner recently released a report following an examination of the privacy policies and procedures in eight Victorian universities. The report found that many universities don’t have clear policies to guide staff to destroy personal information when it is no longer needed. While Universities are prioritising ICT and cybersecurity risks, in general, they have less of a focus on managing risks to personal information related to physical and personnel security. The report includes recommendations for universities to strengthen the protection of personal information by developing policies and procedures to identify and document the personal information they hold, where it is held, and for sharing information with third parties and contracted service providers. InfoGovANZ is hosting a session with Sven Bluemmel – Victorian Information Commissioner to highlight the key findings of the report and discuss the recommendations, book your ticket here. Read more about the report here.
Member only content (join now)

InfoGov IAM2021 Roundtable Report

by

The Information Governance (IG) Roundtable had an engaged discussion covering a wide range of current issues and drivers for information governance. The discussion covered: Drivers of Information Governance in 2021, the compelling reasons for organisations to implement Information Governance, what are the current challenges and actions for protecting information and more. Participants included Roxanne Missingham, Kathryn Dan, Alex Caughey Hutt, Dr Chris Colwell, Dani Wickman, Fiona Beatty, Judy Anderson, David Brous, Genevieve Dwyer, Brandon Voight, David Church, Amanda Dolman and Simon Costello.  The roundtable was hosted by InfoGovANZ, facilitated by Susan Bennett and sponsored by ActiveNav.    IG Drivers in 2021  Our discussion considered key trends in IG, noting that the InfoGovANZ IG Industry Report 2021 identified the three main drivers for IG as:  External regulatory compliance and legal obligations;   Good business management practices; and  Internal technology restructuring or transitions.   The role of regulatory compliance as a mechanism to elevate […]
Member only content (join now)

EU bodies call for facial recognition ban in public

by

The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have supported the call on the European Commission’s Proposal for a Regulation on the use of artificial intelligence technologies but expressed concern by the exclusion of international law enforcement cooperation from the scope of the proposal. The EDPB and EDPS go further than the  European Commission’s proposal for a regulation issued in April — urging that the planned legislation should be broader to include a ‘general ban on any use of AI for automated recognition of human features in publicly accessible spaces, such as recognition of faces, gait, fingerprints, DNA, voice, keystrokes and other biometric or behavioural signals, in any context.’ Read the EDPB release here and the Proposal here.
Member only content (join now)

Pavan Kotha

by

Pavan Kotha is the Manager of Forensic & Technology Services at Clayton Utz.

Pavan is an eDiscovery guru and IG enthusiast. He's had a widely varied career including roles as programmer, production specialist, data analyst, quality control specialist, review manager, and eDiscovery project manager which lends to a holistic view of IG used in his current role.

Tell us about yourself?

I started my eDiscovery career in 2010. Over the course of 10 years, I have put on many hats including - programmer, production specialist, data analyst, quality control specialist, review manager, and eDiscovery project manager. I have been fortunate to work on projects within different regions like India, USA, UK, UAE and Australia. These diverse opportunities helped me to learn and adapt to different cultures, lifestyles and most importantly work with the most brilliant minds in the industry. I finally settled in Sydney last year with my wife and 5-year-old daughter, just before the global pandemic. I am now part of the Clayton Utz FTS practice group, where I am having great time managing projects, streamlining processes, training clients and peers.

When I am not working, you will usually find me playing with my daughter, listening to audiobooks, meditating on a riverside or a top of a mountain.

 

What led you into the world of Information Governance (IG)?

Primarily, I work on managing electronic discovery projects by implementing data culling techniques and designing review workflows for regulatory, investigation and litigation matters. Most of the underlying data issues that I have seen so far during document review lead me back to the organisation’s IT data governance and record and archival system failures. When legal teams do not involve forensic or eDiscovery specialists during the initial data scoping exercise or skip data scoping exercises altogether it leads to last-minute collection sweeps, which blow budgets and create ongoing inefficiencies during document review. This motivated me to learn more about email archival systems and data governance frameworks to better help clients by identifying these issues in the early stages of collections and better assist them by designing efficient reviewer accelerator workflows.

 

What pressures are organisations facing to ensure IG best practices?

I believe the biggest move for most organisations has been migration from the exchange server to O365.  Most organisations have done this by deploying the tools like O365 cloud emails, business enterprise instant messages and collaborative tools. However, the biggest challenge now is making sure they have the right team, that is the specialised IT team who can own and maintain these systems and to make sure these are all discovery ready. What we are seeing right now is that most of IT professionals do a great job with application maintenance, system upgrades and security patches, but very few understand the need for the data to be archived or maintained in a way that it can be readily discoverable when the organisation becomes involved in litigation. To efficiently do this, we need more information governance professionals with the right skills to ensure this is done.

 

What are the biggest developments you have seen in the IG?

I think especially in the past 5 years, changes in privacy laws, such as the GDPR and CCPA have been major drivers for organisations to implement better data and information governance.  This is because effective information governance is the best way for the organisations to ensure they meet all of their legal compliance requirements. The requirement to be complaint means there is increasing awareness that organisation’s need to implement appropriate policies, processes and procedures to manage information at the enterprise level.

Do you have any tips for someone starting out in IG?

I do not see myself as an IG guru but an IG enthusiast, so I am always curious to learn more about best information governance practices. There are many helpful resources out there but one simple and most efficient thing I do to keep myself up to date is attending InfoGovANZ webinars and newsletters. There is always a lot of valuable content and great insights from the experts shared in these venues.

 

With the rapidly evolving technologies and digital disruption, where do you see IG heading in the next few years?

If we look back 10 years, responding to regulatory investigation requests and litigation discovery orders was 100% reactive. Thanks to global privacy laws like the GDPR we have seen a more structured approach to managing data and information at the enterprise level.

Organisations are also facing legal, regulatory and compliance pressures that demand the data overload be addressed proactively to directly meet business objectives beforehand. The focus has moved from what information repositories can functionally do, to an overarching strategy to govern data and information. A solid information governance program provides accurate, consistent information controls that deliver the right information at the right time.  From my perspective, it is most important that organisations  be proactive and ready for discovery. Therefore, I am positive that more organisations will set up enterprise-wide information governance programs, which will also include tools including advanced eDiscovery tools, which will perform targeted searches and accelerate the collection process and cut down discovery turnaround times.

Why it is important to be a member of InfoGovANZ?

It is not easy to keep yourself up to date with rapidly changing technology and policies. As I have mentioned earlier being a member of InfoGovANZ, participating in their events, attending their MeetnGreet virtual events is a great way to expand your professional network, learn from the IG experts and most importantly stay current.

Pavan Kotha, Manager of Forensic & Technology Services at Clayton Utz.

Pavan is an eDiscovery guru and IG enthusiast. He's had a widely varied career including roles as programmer, production specialist, data analyst, quality control specialist, review manager, and eDiscovery project manager which lends to a holistic view of IG used in his current role.

Announcing new InfoGovANZ membership model

by

We are launching an exciting new InfoGovANZ membership model.

The new model provides even greater value for our members with global thought leadership, access to experts, exclusive events, IG insights and resources.

Membership will help keep you up to date with and on top of current thinking on important topics in the IG world, together with the opportunities to connect with the fast growing IG community.

You can find out more about the new InfoGovANZ membership options here.

Fiona Beatty

by

Fiona Beatty is Assistant Director Information Governance at Australian Financial Security Authority, where in 2019 she received an Australia Day award for Public Service.

Fiona started in the world of information governance while on a temporary placement in local government ten years ago. She now leads the development and implementation of agency-wide strategies and the promotion and maintenance of the AFSA Information Governance Framework.

Tell us about yourself?

I live in beautiful Brisbane with my husband, 2 dogs, cat and all the local birds! We love the leafy existence so close to the city and feel truly privileged to live here. I enjoy spending time in our garden and appreciate the bounty of the land (small as it is) with mangoes, bananas, star fruit, chocolate pudding fruit, pawpaw, guava and my fresh herbs.

I love to cook but find that I have less time to do it these days. I picked up a new favourite hobby during COVID – clothing re-purposing – where I take old garments and remodel them into new creations – mostly from my husbands’ wardrobe.

I am a mother to four grown men – and I survived! My boys are my truest joy and I hope that before too long I will gain daughters in law.

 

What led you into the world of Information Governance (IG)? 

I have always had an organised view of the world and find myself happiest when all things are well-organised and efficient.

I stumbled into the world of information governance when I was on a temporary placement in local government and I started to read the administration guide for the system we were running. I began asking questions about why we weren’t utilising functionality that was OOTB and was blessed to be given an opportunity to show exactly how we could improve things. I went on to upgrade our systems and implement new platforms.

I haven’t looked back and can’t imagine being in another industry that would allow my natural abilities to shine as much as the information governance field has.

 

Tell us about your current role in IG?

My current role is a true IG position – at least I see it that way. I am responsible to advise direction and drive the change required to mature the existence of frameworks and practices to support the required understanding of information management and the associated business components to enable better outcomes for our staff and our clients.

My role has developed over time as I have been able to effectively communicate the broader information governance landscape to our executive.

 

What pressures are organisations facing to ensure IG best practices?

The main pressure I see is technology driving decisions rather than business needs.

Our responsibility as practitioners is to ensure we are passing relevant information on to the appropriate decision makers to allow IG to be a leading decision point and not an after-thought.

 

What are the biggest developments you have seen in the IG?

I have witnessed a broader understanding and acceptance of the relevance of IG as being an underpinning requirement for all business. The development of the CIGO (Chief Information Governance Officer) concept has allowed an authoritative seat at the table for information governance. I see the principle that if we get our information strategy right we will be able to build on that foundation to leverage better corporate outcomes building greater backing.

Driving strategy and leveraging appropriate technologies will see Information Governance mature and flourish.

 

Do you have any tips for someone starting out in IG?

Ask questions – lots of them, never grow tired of looking at new things and don’t take it personally – when people don’t like the systems, processes, or frameworks you recommend. See it as a challenge to help them understand – because ultimately what we do really matters, they just don’t realise it yet!

 

With the rapidly evolving technologies and digital disruption, where do you see IG heading in the next few years?

The IG industry is on the verge of significant change. We have seen rapid change in the way that people live and work with technology and we need to move our mindset away from the way we’ve always done things and be open to new and efficient ways of working and supporting this important work.

The growth of information across the globe means there are not enough physical records managers to keep up with it. The added complexity of environments means we need new ways of managing the information lifecycle and I believe this must include machine learning. We need to be in front of this conversation to ensure that the appropriate governance and testing is done to support best practice outcomes for future Info Gov generations.

 

Why is it important to be a member of InfoGovANZ ?

InfoGovANZ has been doing a great job of bringing together experts (SME’s) to elevate the conversation surrounding change and requirements across industry.

The collegiate discussions and educational presentations are helping to mature views on the validity of IG, especially in our changing environment.

New regulations for Artificial Intelligence in the EU

by

The European Commission has just announced a package of proposed regulations to make sure that AI systems used in the EU are safe, transparent, ethical, unbiased and under human control.  They are categorised by risk with checks imposed on any ‘high-risk’ technology and also include a ban on most surveillance including live facial scanning, as well as AI systems to filter school, job or credit scoring.  AI applications used in critical infrastructure migration and law enforcement would also be subject to strict safeguards. The proposed regulation is one of the broadest of its kind to be introduced by a Western government, and part of the EU’s expansion of its role as a global tech enforcer. Regulators could fine a company up to €30million or 6% of annual world-wide revenue for the most severe violations. Read more about the EU’s approach to AI  in Excellence and trust in artificial intelligence | European Commission (europa.eu) and New rules for […]
Member only content (join now)

Key findings from the 2021 IG Industry Report

by

This is InfoGovANZ’s third survey collecting the opinions of practitioners and industry participants charting the development of information governance over the past five years.  The survey engaged 338 participants and highlights the status, priorities and challenges of information governance for organisations in 2021. The IG Report highlights that implementing and maintaining an IG framework is the most important priority for organisations for nearly half of industry professionals, with the three main enterprise-wide drivers of IG projects identified as external regulatory, compliance and or legal obligations(74%); good business management practices(68%); and internal technology restructuring or transition(50%). “While only one in five respondents indicated that COVID had been a driving factor for IG projects, there was a notable increase since our last survey in data breaches, lawsuits and investigations acting as a driver for IG projects – particularly in the corporate sector” said Peter Chapman, KPMG Director, Forensics Technology expert and InfoGovANZ […]
Member only content (join now)

LawFest 21: collaborating and networking in person again

by

In late March, 280 legal professionals from across Aotearoa gathered in person in Auckland for the premier legal innovation and technology event on the New Zealand calendar. Like so many events globally, LawFest had considerable disruption and challenges from the COVID-19 pandemic to run the event in person. However, in Aotearoa we have been fortunate to be able to bring together again the legal and technology community to celebrate, collaborate, network and learn about legal innovation – and all in person. The last year has reinforced why we need to innovate and leverage technology – LawFest 21 demonstrated how we can go about this! The event was once again a must for anyone interested in driving efficiency in their organisation.   The key highlights The one-day event was a great opportunity to hear from leaders and change makers in the innovation space. The programme provided something for everyone, from those […]
Member only content (join now)

Dr Peter Chapman

by

Peter is a member of InfoGovANZ's Advisory board, Director in the KPMG Forensic Technology practice and his previous experience includes leading the Sydney Forensic IT practice of PricewaterhouseCoopers, and Acting Sergeant in the NSW Police High Tech Crime Unit.

Over the course of a combined 20 years in these roles, Peter has undertaken analysis of electronic evidence in hundreds of criminal and civil matters, presented expert evidence to state and federal courts, investigated and remediated internal and external data breaches for numerous organisations, managed complex electronic discovery environments, and provided advice to government, public and private organisations in relation to cybersecurity and IT governance related issues.

 

 

Tell us about yourself?

I’ve been really fortunate to have had opportunities to chase a variety of careers and interests. My career path started with the NSW Police which ended with a stint as a digital evidence specialist. This position helped me to jump into a career in digital forensics consulting at PWC, where I also completed an MBA at UTS. I then jumped into a lecturing position at the same uni while completing a PhD in IT Governance, keeping my hand in consulting with a part time position at Ferrier Hodgson. I returned to full time digital forensics and eDiscovery consulting at KPMG in 2019.

What has kept me in the digital forensics field for so long is the puzzle solving aspects – trying to piece together actions and motives from digital activity traces is a great challenge! I’m also a dad to three wonderful kids (including a set of twins) who are really good at soaking up most of my free time.

 

What led you into the world of Information Governance (IG)? 

My professional focus is primarily on forensic technology, electronic discovery and post-IT incident review. Much like when I was a police officer, working in these fields has meant I usually turn up at an organisation when they are dealing with a crisis.

Over time, I began to identify common themes in the underlying causes of IT incidents I investigated that generally led back to either a lack of an effective IT governance framework or the failure to properly implement/follow the framework. This realisation was what lead to my interest in IT governance and my PhD topic.

 

Tell us about your current role in IG?

My current role is investigating breakdowns in good IG practice – everything from technical security incidents to IT procurement & project failures. In addition to providing expert reporting where necessary, I also identify root causes and provide guidance for improvement where the job scope allows for such.

 

What pressures are organisations facing to ensure IG best practices?

As there always has been, there is a constant friction between following “best” practices and workflow efficiency (e.g. the battle between data security and availability). On the flip side, I think many organisations still fall into the trap of thinking that IG is really just risk management with a fancy name. The pandemic, rise in privacy regulations and constant newsfeed regarding IT security incidents has really driven this risk focused view to the fore. However, it is important that those charged with responsibility for IG need to be thinking in terms of both risk and reward when it comes to information and technology.

 

What are the biggest developments you have seen in the IG?

In the last 5 years we have seen a lot of activity in the IG thought leadership space – it is great to see industry bodies and professional groups really trying to build comprehensive frameworks and guidance around a holistic view of information and technology rather than continuing to build in a piecemeal way. Leaders have become increasingly aware of the value of properly governing organisational information, however this has unfortunately given rise to a far more active and dangerous criminal element seeking to profit from this increased realisation of value.

 

Do you have any tips for someone starting out in IG?

IG is such a broad field, and even amongst experienced IG specialists there are very few who could accurately claim to be fully across everything that IG encompasses. I would recommend picking one or two focus areas that are of interest and specialising in that field. Once you have developed a core skillset it will help you to branch out into other areas (via training or other professional development), understand how your area ties into (or should tie into) an IG framework and identify opportunities to put forward or participate in IG efforts within your organisation.

 

With the rapidly evolving technologies and digital disruption, where do you see IG heading in the next few years?

Organisations are still sorting out their preferences on cloud technology and machine learning, dealing with the challenges of unstructured data and privacy regulations, and grappling to really understand the risks and benefits of these issues at a leadership level. This is where IG really needs to come to the fore to help leaders make sense of the wild array of tech, legal and operational issues at play.

We will see better performing organisations really break down the cultural and functional silos between IT, internal counsel, risk management and operations to ensure that the risk vs reward for technology opportunities is properly understood and effectively acted on. These organisations will have responsive and evolving IG frameworks in place, almost certainly giving them a competitive advantage over those without.

 

Why is it important to be a member of InfoGovANZ ?

Information technology is such a rapidly evolving field, even in a highly specialised area such as digital forensics I am constantly learning and updating my knowledge. Expanding that out into all of the legal, risk and operational aspects encompassed by IG – it becomes an increasingly difficult task to stay on top of just the critical issues. Participating in InfoGovANZ events and reviewing the great content coming through the newsletters  has not only given me a great way to stay on top of current events, it has also given me the opportunity to meet and become acquainted with an amazing group of individuals from a vast array of backgrounds. It really has helped me feel that if I don’t know the answer to an IG question, I surely know someone who does!

Nicole White

by

Tell us about yourself?

I live on the beautiful Mornington Peninsula with my husband, two children and Great Dane/Mastiff Cross, Lex. I have led information management (IM) and governance (IG) programs in various industries for over 20 years, including development of data and information strategy and frameworks and implementation of enterprise IM and IG programs. I have had the opportunity over the years to learn various disciplines including change and project management, risk and compliance management and in recent years have been learning about the discipline of Business Architecture and how it can be used support strategic planning and inform the programs I lead.

 

What led you into the world of Information Governance (IG)? 

When I was in high school I wanted to be a physiotherapist. During work experience in year 11 I ended up being the patient, nearly fainting while helping the physio with a patient. That and other incidents when visiting hospitals made me rethink my career path. A lecturer from Deakin Uni visited my school and introduced me to a new Bachelor of Applied Science course they had recently developed in Information Management. Fast forward 30 years and I have never regretted the decision to undertake this course and do further studies completing my Master of Business (Information Innovation) in 2002 at RMIT. I have had the opportunity to work and live in London and Sydney, however the majority of my working life has been spent in Melbourne leading information management and governance capability uplift in organisations including BHP Billiton, Telstra, Port of Melbourne, APA Group, Victoria Police and Holmesglen Institute.

 

Tell us about your current role in IG?

I recently joined a mid-sized Not-for-Profit organisation and am in the process of establishing their information management and governance function. This is a new role for the organisation and I am excited to have the opportunity to build capability across the data, information and knowledge management domains in order to continuously improve the services we provide to our customers. As the nominated Privacy Officer I also have the opportunity to ensure appropriate information security controls are embedded within the organisation. The Victorian Protective Data Security Framework is a great resource for any organisation wanting to uplift their information security posture.

 

What pressures are organisations facing to ensure IG best practices?

Increasing expectations from customers to ensure their information is accurate and secure and their experience when using an organisation’s services is consistent and competent is a key driver. As Government increasingly outsources services to third party organisations, those organisations are required to demonstrate compliance to relevant industry and regulatory standards, including the ability to demonstrate appropriate information governance of the data they are managing on the Government’s behalf. Business cases which can demonstrate how IG can enable the organisation to do more with less will also be more likely to succeed due to the ongoing need to drive operational costs lower.

 

What are the biggest developments you have seen in the IG?

One of the most important developments driving change within organisations is the establishment of data and information governance functions and roles both within the analytics domain and the overall information management domain. The establishment of information governance roles demonstrates the increasing importance of this function for an organisation to address information risk and increase information value.

 

Do you have any tips for someone starting out in IG?

When planning the implementation of an Information Governance program consider what the desired state is from a people, processes, information and technology perspective. All of these elements need to be addressed as part of a program of work if you want to create sustainable change.

Keep growing and sharpening the tools in your toolbox – change and project management, risk and compliance management are just some of the domains worthy of pursuit and are all enablers of an IG program / function.

 

With the rapidly evolving technologies and digital disruption, where do you see IG heading in the next few years?

I am hopeful that increasing access to quality data sets as well as increasing collaboration between Government and industry will have a significant impact on the ability to effectively use, manage and share data and information to help inform solutions to significant problems the world is facing.

 

Why is it important to be a member of InfoGovANZ ?

There has been a lot of great work done in IG, however with much more to be done InfoGovANZ provides the thought leadership and creates a space for this wonderful network of passionate people to grow their share their experience. I find it challenging to keep up with legal and regulatory changes and appreciate the valuable insights that Susan and her team provide.

7 Information Governance Takeaways for 2021

by

  As we put 2020 behind us and look forward to 2021, InfoGovANZ reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Given the expected ongoing complex and uncertain operating environment in 2021, robust information governance is needed to provide […]
Member only content (join now)

Accountability & IG – Sonya Sherman

by

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ Advisory Board member, Sonya Sherman, with over 20 years’ experience is a highly regarded […]
Member only content (join now)

Collaboration & IG – Bryn Bowen

by

As we put 2020 behind us and look forward to 2021, we reflected in an interactive virtual discussion forum on the key IG learnings from the past 12 months and the insights and actions we now need to be taking to make the most of the opportunities and challenges on the road to recovery in 2021. We’ve seen the different ways governments have responded to the COVID-19 pandemic and the results in managing the pandemic. Similarly, organisations have had to adapt to the changes and, in particular, to faster digital transformation. Robust governance of organisations and of information has never been so important. Increased cyber risks and the importance of access to real-time and accurate data for decision-making, both at the board level and throughout the organisation, are now critical issues. Our expert panel included InfoGovANZ International Council member,  Brynmor Bowen, Principal Consultant at Greenheart Consulting Partners, and a Board […]
Member only content (join now)