Information Governance Think Tank
We are launching an exciting new InfoGovANZ membership model.
The new model provides even greater value for our members with global thought leadership, access to experts, exclusive events, IG insights and resources.
Membership will help keep you up to date with and on top of current thinking on important topics in the IG world, together with the opportunities to connect with the fast growing IG community.
You can find out more about the new InfoGovANZ membership options here.
Tell us about yourself?I live in beautiful Brisbane with my husband, 2 dogs, cat and all the local birds! We love the leafy existence so close to the city and feel truly privileged to live here. I enjoy spending time in our garden and appreciate the bounty of the land (small as it is) with mangoes, bananas, star fruit, chocolate pudding fruit, pawpaw, guava and my fresh herbs.
I love to cook but find that I have less time to do it these days. I picked up a new favourite hobby during COVID – clothing re-purposing – where I take old garments and remodel them into new creations – mostly from my husbands’ wardrobe.
I am a mother to four grown men – and I survived! My boys are my truest joy and I hope that before too long I will gain daughters in law.
I have always had an organised view of the world and find myself happiest when all things are well-organised and efficient.
I stumbled into the world of information governance when I was on a temporary placement in local government and I started to read the administration guide for the system we were running. I began asking questions about why we weren’t utilising functionality that was OOTB and was blessed to be given an opportunity to show exactly how we could improve things. I went on to upgrade our systems and implement new platforms.
I haven’t looked back and can’t imagine being in another industry that would allow my natural abilities to shine as much as the information governance field has.
My current role is a true IG position – at least I see it that way. I am responsible to advise direction and drive the change required to mature the existence of frameworks and practices to support the required understanding of information management and the associated business components to enable better outcomes for our staff and our clients.
My role has developed over time as I have been able to effectively communicate the broader information governance landscape to our executive.
The main pressure I see is technology driving decisions rather than business needs.
Our responsibility as practitioners is to ensure we are passing relevant information on to the appropriate decision makers to allow IG to be a leading decision point and not an after-thought.
I have witnessed a broader understanding and acceptance of the relevance of IG as being an underpinning requirement for all business. The development of the CIGO (Chief Information Governance Officer) concept has allowed an authoritative seat at the table for information governance. I see the principle that if we get our information strategy right we will be able to build on that foundation to leverage better corporate outcomes building greater backing.
Driving strategy and leveraging appropriate technologies will see Information Governance mature and flourish.
Ask questions – lots of them, never grow tired of looking at new things and don’t take it personally – when people don’t like the systems, processes, or frameworks you recommend. See it as a challenge to help them understand – because ultimately what we do really matters, they just don’t realise it yet!
The IG industry is on the verge of significant change. We have seen rapid change in the way that people live and work with technology and we need to move our mindset away from the way we’ve always done things and be open to new and efficient ways of working and supporting this important work.
The growth of information across the globe means there are not enough physical records managers to keep up with it. The added complexity of environments means we need new ways of managing the information lifecycle and I believe this must include machine learning. We need to be in front of this conversation to ensure that the appropriate governance and testing is done to support best practice outcomes for future Info Gov generations.
InfoGovANZ has been doing a great job of bringing together experts (SME’s) to elevate the conversation surrounding change and requirements across industry.
The collegiate discussions and educational presentations are helping to mature views on the validity of IG, especially in our changing environment.
Peter is a member of InfoGovANZ's Advisory board, Director in the KPMG Forensic Technology practice and his previous experience includes leading the Sydney Forensic IT practice of PricewaterhouseCoopers, and Acting Sergeant in the NSW Police High Tech Crime Unit.
Over the course of a combined 20 years in these roles, Peter has undertaken analysis of electronic evidence in hundreds of criminal and civil matters, presented expert evidence to state and federal courts, investigated and remediated internal and external data breaches for numerous organisations, managed complex electronic discovery environments, and provided advice to government, public and private organisations in relation to cybersecurity and IT governance related issues.
I’ve been really fortunate to have had opportunities to chase a variety of careers and interests. My career path started with the NSW Police which ended with a stint as a digital evidence specialist. This position helped me to jump into a career in digital forensics consulting at PWC, where I also completed an MBA at UTS. I then jumped into a lecturing position at the same uni while completing a PhD in IT Governance, keeping my hand in consulting with a part time position at Ferrier Hodgson. I returned to full time digital forensics and eDiscovery consulting at KPMG in 2019.
What has kept me in the digital forensics field for so long is the puzzle solving aspects – trying to piece together actions and motives from digital activity traces is a great challenge! I’m also a dad to three wonderful kids (including a set of twins) who are really good at soaking up most of my free time.
My professional focus is primarily on forensic technology, electronic discovery and post-IT incident review. Much like when I was a police officer, working in these fields has meant I usually turn up at an organisation when they are dealing with a crisis.
Over time, I began to identify common themes in the underlying causes of IT incidents I investigated that generally led back to either a lack of an effective IT governance framework or the failure to properly implement/follow the framework. This realisation was what lead to my interest in IT governance and my PhD topic.
My current role is investigating breakdowns in good IG practice – everything from technical security incidents to IT procurement & project failures. In addition to providing expert reporting where necessary, I also identify root causes and provide guidance for improvement where the job scope allows for such.
As there always has been, there is a constant friction between following “best” practices and workflow efficiency (e.g. the battle between data security and availability). On the flip side, I think many organisations still fall into the trap of thinking that IG is really just risk management with a fancy name. The pandemic, rise in privacy regulations and constant newsfeed regarding IT security incidents has really driven this risk focused view to the fore. However, it is important that those charged with responsibility for IG need to be thinking in terms of both risk and reward when it comes to information and technology.
In the last 5 years we have seen a lot of activity in the IG thought leadership space – it is great to see industry bodies and professional groups really trying to build comprehensive frameworks and guidance around a holistic view of information and technology rather than continuing to build in a piecemeal way. Leaders have become increasingly aware of the value of properly governing organisational information, however this has unfortunately given rise to a far more active and dangerous criminal element seeking to profit from this increased realisation of value.
IG is such a broad field, and even amongst experienced IG specialists there are very few who could accurately claim to be fully across everything that IG encompasses. I would recommend picking one or two focus areas that are of interest and specialising in that field. Once you have developed a core skillset it will help you to branch out into other areas (via training or other professional development), understand how your area ties into (or should tie into) an IG framework and identify opportunities to put forward or participate in IG efforts within your organisation.
Organisations are still sorting out their preferences on cloud technology and machine learning, dealing with the challenges of unstructured data and privacy regulations, and grappling to really understand the risks and benefits of these issues at a leadership level. This is where IG really needs to come to the fore to help leaders make sense of the wild array of tech, legal and operational issues at play.
We will see better performing organisations really break down the cultural and functional silos between IT, internal counsel, risk management and operations to ensure that the risk vs reward for technology opportunities is properly understood and effectively acted on. These organisations will have responsive and evolving IG frameworks in place, almost certainly giving them a competitive advantage over those without.
Information technology is such a rapidly evolving field, even in a highly specialised area such as digital forensics I am constantly learning and updating my knowledge. Expanding that out into all of the legal, risk and operational aspects encompassed by IG – it becomes an increasingly difficult task to stay on top of just the critical issues. Participating in InfoGovANZ events and reviewing the great content coming through the newsletters has not only given me a great way to stay on top of current events, it has also given me the opportunity to meet and become acquainted with an amazing group of individuals from a vast array of backgrounds. It really has helped me feel that if I don’t know the answer to an IG question, I surely know someone who does!
I live on the beautiful Mornington Peninsula with my husband, two children and Great Dane/Mastiff Cross, Lex. I have led information management (IM) and governance (IG) programs in various industries for over 20 years, including development of data and information strategy and frameworks and implementation of enterprise IM and IG programs. I have had the opportunity over the years to learn various disciplines including change and project management, risk and compliance management and in recent years have been learning about the discipline of Business Architecture and how it can be used support strategic planning and inform the programs I lead.
When I was in high school I wanted to be a physiotherapist. During work experience in year 11 I ended up being the patient, nearly fainting while helping the physio with a patient. That and other incidents when visiting hospitals made me rethink my career path. A lecturer from Deakin Uni visited my school and introduced me to a new Bachelor of Applied Science course they had recently developed in Information Management. Fast forward 30 years and I have never regretted the decision to undertake this course and do further studies completing my Master of Business (Information Innovation) in 2002 at RMIT. I have had the opportunity to work and live in London and Sydney, however the majority of my working life has been spent in Melbourne leading information management and governance capability uplift in organisations including BHP Billiton, Telstra, Port of Melbourne, APA Group, Victoria Police and Holmesglen Institute.
I recently joined a mid-sized Not-for-Profit organisation and am in the process of establishing their information management and governance function. This is a new role for the organisation and I am excited to have the opportunity to build capability across the data, information and knowledge management domains in order to continuously improve the services we provide to our customers. As the nominated Privacy Officer I also have the opportunity to ensure appropriate information security controls are embedded within the organisation. The Victorian Protective Data Security Framework is a great resource for any organisation wanting to uplift their information security posture.
Increasing expectations from customers to ensure their information is accurate and secure and their experience when using an organisation’s services is consistent and competent is a key driver. As Government increasingly outsources services to third party organisations, those organisations are required to demonstrate compliance to relevant industry and regulatory standards, including the ability to demonstrate appropriate information governance of the data they are managing on the Government’s behalf. Business cases which can demonstrate how IG can enable the organisation to do more with less will also be more likely to succeed due to the ongoing need to drive operational costs lower.
One of the most important developments driving change within organisations is the establishment of data and information governance functions and roles both within the analytics domain and the overall information management domain. The establishment of information governance roles demonstrates the increasing importance of this function for an organisation to address information risk and increase information value.
When planning the implementation of an Information Governance program consider what the desired state is from a people, processes, information and technology perspective. All of these elements need to be addressed as part of a program of work if you want to create sustainable change.
Keep growing and sharpening the tools in your toolbox – change and project management, risk and compliance management are just some of the domains worthy of pursuit and are all enablers of an IG program / function.
I am hopeful that increasing access to quality data sets as well as increasing collaboration between Government and industry will have a significant impact on the ability to effectively use, manage and share data and information to help inform solutions to significant problems the world is facing.
There has been a lot of great work done in IG, however with much more to be done InfoGovANZ provides the thought leadership and creates a space for this wonderful network of passionate people to grow their share their experience. I find it challenging to keep up with legal and regulatory changes and appreciate the valuable insights that Susan and her team provide.
