Publications & Resources




Data as a Strategic National Resource: The Importance of Governance and Data Protection

This article highlights that governing the collection, storage and handling of data though appropriate policies and procedures is key to realising its value.

The policies and processes relating to privacy, cybersecurity and information technology all need to align and coordinate with the overall management of data.

This article by Susan Bennett, was first published in the August edition of Governance Directions.

Read the article here


IGANZ Survey Report 2019

Information Governance ANZ is pleased to release our 2019 survey report into the status of Information Governance in Australia and New Zealand.

The 2019 survey engaged over 340 industry professionals and highlights the priorities and challenges of information governance for organisations.

The 2019 Survey Results present some interesting findings for all organisation sectors - whether corporate, government or not-for-profit. If you'd like to run an information session within your organisation, please click here.

Read the 2019 Survey Report


See More Publications Below


Information Governance Articles


The Governance of Things - The Challenges of Information Governance in a Cyber-Physical World

When people think about information and information governance, they may think about information in a purely digital or online sense. And, they tend to think that governance centres on addressing privacy and broader legal compliance requirements and, perhaps, consider information from a business risk perspective. 

Download Now

Steps to Increasing Enterprise Information Governance Mindshare

Most organizations are at or near the end of transforming and/or updating transactional processes and systems to become more efficient and reduce cost. However, the people, processes and information that drive time to market and sales have been under-served. 

Download Now


Why Information Governance Needs Top-Down Leadership

Effective leadership of information governance (IG) is key to ensuring that appropriate strategies, priorities, policies and processes are successfully embedded in an organisation, both to maximise the opportunities and minimise the risks arising from the information it holds.

Download Now

Enterprise Information Governance

Organisations that are successfully addressing the business challenge of being overwhelmed by the exponential information growth are placing value at the core of their information governance program. 

Enterprises are now asking “How do we better manage and provide governance across this increasing volume of information to harness the business value from it?” 

Download Now


The Governance of Things - Unpacking the Benefits of Information Governance

Organisations need to consider information as an asset and measure both the value and costs of the data they hold. This means measuring the financial benefits derived from the value of data held as well the costs and subsequent savings from risk management investments.

Download Now

Generic Tech Img 2.jpg

The Governance of Things - Driving the Value of Information Governance

Effective governance of information requires a strategic approach. This involves quantifying each of the business drivers by breaking them down into categories: risk, hard and soft costs, and information value. Once this is completed, a return on investment can be calculated to drive and implement effective information governance solutions that deliver results to the bottom line.

Download Now


Leverage the ISO 55000 Standard for Asset Management

The case for leveraging ISO 55000 for heavy asset industries, infrastructure and the public sector is indisputable. Instigating comprehensive and effective Information Governance improves the ability of organisations to comply with laws and manage asset-related risk while providing real business value. 

Download Now

The Governance of Things - What is Information Governance and how does it differ from Data Governance?

As Information Governance and Data Governance becomes increasingly important for organisations seeking to control and secure information, it is important to understand what each one does and achieves.

Download Now


IGANZ Information Governance Industry Survey Results

We would like to thank all those who responded to the survey and hope the final results prove interesting and useful. A few key findings:

  • 49% of survey respondents felt their leadership had failed to address Information Governance.

  • The main driving factors of Information Governance projects were external regulatory pressures (80%) and good business practices (59%).

Download Now

Information Governance – Leveraging People, Policy and Process to Drive Best Practice Across the Enterprise

One of the challenges enterprises currently face is the lack of management of information across their business processes, from end to end. Understanding how your organisation leverages information holistically, from end to end, and the management of this information, can be realised with an Information Governance Program. 

Download Now


What is information governance and how does it differ from data governance?

The terms ‘information’ and ‘data’ are often used interchangeably but there are differences in meaning. Data are simply facts or figures — bits of information, but not information itself.  Information provides context for data. This article provides an overview of why both these disciplines are important for organisations seeking to control and secure information and an understanding of what each discipline does and achieves for an organisation.

Read the article now


Corporate Governance in the digital economy: the critical importance of Information Governance

Good corporate governance in the data driven and digital economy poses significant challenges for Boards and seniors executives. In this article, Professor Michael Adams and Susan Bennett highlight the importance of information governance to ensure there is a unified strategy and framework to govern information effectively.

Good information governance enables organisations to maximise the value of information as a business asset while minimising risks and costs, particularly those associated with data breach. 

Read the article here


Information Governance Leadership - Controlling Data and Information to Achieve Strategic Objectives

Effective Information Governance leadership enables an organisation to deliver continual strategic and proactive governance as digital disruption impacts the organisation and digital transformation continues. 

Read the article now


A Practical Guide to Information Governance

This Guide addresses the lack of a common set of languages to support the growth of IG as a discipline and provides an easy to read explanation of Information Governance. A broad range of IG practitioners from both public and private sector, participated in a number of forums to leverage their collective experience to develop this Guide

Read the guide now

Download the PDF


What does Blockchain have to do with Information Governance?

You have probably heard of Blockchain from the perspective of the Cryptocurrency Bitcoin but this relatively new technology platform, provides us with an opportunity to reassess how we leverage the technology component of the Information Governance equation particularly in the areas of Privacy, Records Management, Information Management, and Cybersecurity.

Read the article now


Impact of Technology and Information Governance: impact of AI and Unconscious Bias

This article by Prof. Michael Adams is focused on the technology aspects of company directors concerns in the 2018/2019 financial year.

Michael believes that technology, should probably be the top of directors and governance professionals minds. This is because it will form part of most companies corporate strategy.

Read the article now


Governance Documents - the essential building blocks of Information Governance

This article provides us with a very informative and pragmatic overview on an approach to implementing a document framework across an organisation to ensure consistent information about how the business is operated and what standards are expected to be met as part of the ‘common language’ required for effective corporate governance and why it is essential to efficient business operations.

Read the article now 

Governance Documents – creating a ‘Common Language’ for Corporate Governance

This is the second part of InfoGovANZ Advisory Board Member, Carol Feuerriegel's excellent series on governance documents.  This article explains how to establish and communicate a simple governance document hierarchy in your organisation to support better corporate governance by creating a shared understanding of the key tools used to embed corporate culture, establish strategic priorities, maintain business operations and to control risks.

Read the article now


Without Information Management - How do we apply Information Governance Policy

In the Digital Age enterprises understand the need to transform their business model to automate business processes leveraging the data and information that is available across the enterprise. This represents a tremendous business opportunity but is also a significant challenge.

At the heart of this transformation, and increasingly a by-product of it, is digital information. In a global digital economy, making use of information and data as part of the business model is critical for progress and success.

Read the article here

Information & Data Trends & Challenges - IAM 2019

InfoGovANZ joined with National Archives and other professional organisations including RIMPA, IM, DAMA, Australian Society of Archivists, Australian Library and Information Association as part of Information Awareness Month.  The event provided an opportunity for industry leaders  to share perspectives on contemporary information and data management trends and challenges.  The Many Voices, One Message booklet summarising the key themes and topics discussed at the workshop has just been published this week.

Access the booklet


Cybersecurity Articles


Cyber Insurance: how it works and the benefits of information governance

In this article, Meena explains what organisations can do to reduce cyber risks and why an effective data and information governance program is instrumental for businesses looking to invest in cyber insurance.

Meena is a cyber insurance and data breach broker, specialising in cyber risk, data privacy, intellectual property and cyber crime.  She helps organisations identify potential cyber risks and believes that cyber insurance should be a key component of a company's enterprise risk management strategy. 



Information Security & Information Governance – how they work together

In this article, Richard Kilpatrick  outlines the difference between Information Security and Information Governance and explains why IG frameworks are essential for the successful orchestration of specialised security systems.

Richard  is a highly experienced consultant in information technology, focusing on realistic data governance, security and privacy. He has led programs of work to discover and classify data across multiple business units, within banks, telcos, health and media.

Read the article now


APRA's New Cyber Security Regulation

At the Insurance Council of Australia’s Annual Forum in March 2018,  APRA Executive Board Member Geoff Summerhayes said: 'APRA views cyber risk as an increasingly serious prudential threat to Australian financial institutions.'

Read the article now


Broken Trust – The Information Security Dangers of Insider Threats

The increasing awareness of external cyber-security threats has executives focused on how their organisation can be defended against the “enemy at the gates”. But are organisations just as much at risk from an “enemy within”? In this article Dr Peter Chapman, Director in the Ferrier Hodgson Forensic Technology and eDiscovery team and InfoGovANZ advisory board member, provides an opinion and case study on insider threat.

Read the article here


Privacy Articles


Data Sharing and Release Bill (Response to Issues Paper)

We recognise that access to data drives efficiencies and advancements, and applied to the right purposes, with the right controls, can drive public benefits and positive societal outcomes. In some circumstances, it may be necessary and beneficial for identifiable information to be shared across government portfolios (for example, to minimise fraud)

Read the article now

Australia's new Notifiable Data Breaches Scheme: Is your Data Breach Response Plan up to date?

Australia’s Notifiable Data Breaches (NDB) scheme comes into effect from 22 February 2018.  This article explains what a Notifiable Data Breach is and when to notify the Australian Information Commissioner and individuals whose personal information has been subject to a data breach likely to result in serious harm. 

Read the article now


GDPR: Change to European Privacy Laws and its impact on Australian Businesses

The GDPR imposes significant change to privacy laws in Europe and will apply and be enforced from 25 May 2018.  

Organisations that fail to comply with the GDPR face heavy fines up to €20 million or up to 4% of global annual turnover, whichever is higher. 

Read the article now

Privacy and Data Breaches: How Information Governance Minimises the Risk

Preventing data privacy breaches is becoming increasingly important, with the increasing costs of dealing with cyber attacks, IT security breaches, and the subsequent legal actions and regulatory investigations.

Read the article now


Mandatory Data Breach Notification is in – Here's all you need to know

From February 2018, your organisation will have to fess up if it experiences a serious data breach. Whilst that may sound like a long time away, the requirement to notify is only the tip of the iceberg.  This article is a reminder to all organisations covered by the Privacy Act to have adequate measures in place to protect information security and to have a privacy governance framework in place. 

Read More


Big Data, Privacy and Information Governance: implementing an ethical based assessment

As the law lags behind in rapid technology innovations, particularly in big data, artificial intelligence (AI), machine-learning and the Internet of Things (IoT), there is increasing awareness and discussion about the need for an ethical based approach to data analytics.  In this article Susan Bennett, co-founder of InfoGovANZ considers why an ethical based approach can build trust and transparency with consumers and citizens, and why it should be part of good information governance, as a means of maximising the value of information derived from data analytics while minimising risks. 

Read more


A Path Towards Trust

Arjun Ramachandran and InfoGovANZ Advisory Board Member Melanie Marks, facilitated by Gilbert +Tobin recently hosted our Privacy & Trust Roundtable.  This very interesting discussion highlighted that the concept of trust may differ in the context of different and organisations, and how organisations can practically go about building it. You can read their thought-provoking article on what it takes for an organisation to build a path towards trust with customers here.

Read the article now

Highlights of the IAPP Global Privacy Summit 2018

This is a round-up of the global IAPP Summit that takes place in Washington DC every year near Easter. It is a massive event, with over 3500 people moving over 4 floors plus an exhibition hall. The sessions covered topics including blockchain, data scraping, GDPR compliance, data breach notification and response, Privacy Shield, Artificial Intelligence (AI), Smart Cities, Big Data, online reputation.

Read the article now


Data Sharing Frameworks - Technical White Paper

The Data Sharing Frameworks Technical White Paper addresses the overarching challenge of developing privacy preserving frameworks, which support automated data sharing, as a way to facilitate smart services creation and deployment in an Australian context.

Read the article now



Identity of a nation: protecting the digital evidence of who we are

InfoGovANZ member Anne Lyons is the author of the latest report from ASPI’s International Cyber Policy Centre, 'Identity of a nation: protecting the digital evidence of who we are'. Anne highlights the importance of protecting our national identity assets - the digital evidence of who we are - in a global environment of cyber-attacks, information manipulation and grey-zone cyber conflict aimed at disrupting nations and in particular western democracies.

Read the article here


Australia’s Mandatory Data Breach Reporting Scheme: a year on what have we learned?

Twelve months on, consumers are arguably more troubled about the lack of safeguards for privacy, while businesses face the prospect of further regulation and oversight. Without a fundamental shift in how privacy is addressed, the cycle of heightened concern followed by further regulation looks set to continue. In this article, Melanie Marks Principal of elevenM and InfoGovANZ advisory board member, examines how data breaches are happening and the benefits of a more proactive and embedded approach of privacy by design. 

Read the article here

OAIC Notifiable Data Breach Report

The NDB scheme applies from 22 February 2018 to all agencies and organisations with existing personal information security obligations under the Privacy Act. It was established by the passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017.

On 13 May the OAIC launched its Notifiable Data Breaches Scheme 12-month Insights Report. If you’re interested to see how the first full reporting year for the notifiable data breach scheme has transpired, click a link to the OAIC report here.

View the report here


Privacy: Let’s take this seriously

In the light of the OAIC Data Breach report Arjun Ramachandran take a look at what is really happening both locally and also on a global basis. He assesses the reality of why companies are addressing privacy and he claims it is not because they are interested in keeping your information private but rather that is what they think you want to hear. 

Read the article here


Records Management Articles


The Governance of Things - Records Management - The Future of the Profession

Although the records management (RM) profession is facing challenges with an increasing focus on information governance, the reality if that its role and function has been in great need for more than 30 years and remains a necessity today.

Download Now

Recordkeeping in Information Governance

In this article Barbara provides an insightful overview of recordkeeping informatics which is an emerging framework for understanding organisational recordkeeping. This framework is based on the need for agility, interdisciplinary focus and the need to adapt practices and requirements in ever-changing technological environments.

The approach is focused on two solid foundation blocks – continuum thinking and metadata, recordkeeping informatics uses three facets of analysis – organisational information culture, business analysis and access.

Read the article now

eDiscovery Articles


The Governance of Things - Increasing Acceptance of Technology Assisted Review

In December 2016, the Supreme Court of Victoria endorsed the use of Technology Assisted Review (TAR) in the eDiscovery process in the case of McConnell Dowell Constructors v Santam. This was the first time TAR had been approved for use
in litigation in an Australian Court.

The use of technologies like TAR assists parties in litigation to meet the requirements ‘of a just, efficient and cost-effective resolution of the dispute’ by reducing the time and cost involved in large scale document production during the discovery process.

Download Now

Susan's Global World.jpg

The Governance of Things - eDiscovery in Australia and New Zealand

eDiscovery is the production of relevant documents that parties to litigation or an inquiry are required to produce to either a Court, Royal Commission, Commission of Inquiry or to a government regulator. The eDiscovery industry is a global industry reflecting the enormous growth in information and the specialised technology which has developed to meet that challenge. While eDiscovery is a specialist area of legal technology the challenge of document production extends well beyond in-house legal departments and requires the assistance of IT departments and records management.

Download Now


AI and the Law - the future is here

Artificial intelligence (AI) is already making significant inroads to the practice of law and producing efficiencies and cost savings. This article looks at how AI is being used in different parts of legal practice and the transformation of legal practice that is already underway in the delivery of legal services from litigation through to contract management and Chatbots.

Read the article now

How eDiscovery is managing the challenge of what constitutes Personal Information

In this article, InfoGovANZ Advisory Board Member, Matthew Golab, looks at the definitions of Personal Information from the perspective of document production in litigation, regulatory investigations and Royal Commissions.   This article highlights that while some types of personal information can be readily identified with the use of technology there are challenges in identifying all personal information.

Read the article now


LegalTech and LegalWeek NYC 2019

Andrew King and Susan Bennett recently returned from LegalTech and LegalWeek in New York.  Below is a link to their report covering the highlights from the myriad of events that take place in LegalWeek attended by some 8,000 people.  The plenary keynote was a fireside conversation with former US Attorney-Generals Alberto Gonzales (2005-2007) and Loretta Lynch (2015-2017), as they explored Leadership in the Profession of Law and How It is Changing. 

Read the article here


Data Articles


Good Data

Moving away from the strong body of critique of pervasive ‘bad data’ practices by both governments and private actors in the globalized digital economy, this book aims to paint an alternative, more optimistic but still pragmatic picture of the datafied future. The authors examine and propose ‘good data’ practices, values and principles from an interdisciplinary, international perspective.  From ideas of data sovereignty and justice, to manifestos for change and calls for activism, this collection opens a multifaceted conversation on the kinds of futures we want to see, and presents concrete steps on how we can start realizing good data in practice. You can access online for a free download:

Putting People and their Data at the Centre – investing in the social wellbeing of Aotearoa

In this article, Carol Feuerriegel, IGP, explains New Zealand’s progressive approach for shaping social, economic, and environmental investments through the lens of ‘wellbeing’ is world-leading. The approach necessarily involves processing significant amounts of data from wide-ranging sources. It will also mean the development of an innovative approach to how to measure wellbeing and to leverage advanced analytics and evidence to identify who in the New Zealand population would benefit from what type of social policy interventions.

Read the article here


AI and Ethics Articles


Big Data, Privacy and Information Governance: implementing an ethical based assessment

As the law lags behind in rapid technology innovations, particularly in big data, artificial intelligence (AI), machine-learning and the Internet of Things (IoT), there is increasing awareness and discussion about the need for an ethical based approach to data analytics.  In this article Susan Bennett, co-founder of InfoGovANZ considers why an ethical based approach can build trust and transparency with consumers and citizens, and why it should be part of good information governance, as a means of maximising the value of information derived from data analytics while minimising risks. 

Read more

ethics AI framework.jpg

AI: Australia's Ethics Framework

A discussion paper developed by CSIRO's Data 61 has been released to inform the Government's approach to AI ethics in Australia. Your views and submissions can be made on the consultation hub here to help ensure AI is developed and applied responsibly with accountability.


The Ethics Guidelines for Trustworthy Artificial Intelligence (AI)

Published in April 2019 and prepared by the High-Level Expert Group on Artificial Intelligence, which is an independent expert group set up by the European Commission.

Read the report

Principles on Artificial Intelligence

In May 2019, the OECD adopted its Principles on Artificial Intelligence, the first international standards agreed by governments for the responsible stewardship of trustworthy AI, which include recommendations for public policy and Principles to be applied to AI developments around the world. The Principles ‘promote AI that is innovative and trustworthy and that respects human rights and democratic values.

Visit the website


IEEE Ethically Aligned Design

The IEEE Global Initiative on Ethics of Autonomous and Intelligent Systems (The IEEE Global Initiative) has launched Ethically Aligned Design: A Vision for Prioritizing Human Well-being with Autonomous and Intelligent Systems, which is a crowd-sourced global treatise regarding the Ethics of Autonomous and Intelligent Systems.

Read the report


Principles and Business Processes for Responsible AI

The promise of data analytics brings with it considerable risks. Canberra-based consultant and researcher Roger Clarke recently published a set of Guidelines, whose purpose is to intercept ill-advised uses of data and analytical tools, prevent harm to important values, and assist organisations to extract the achievable benefits from data, rather than dreaming dangerous dreams.

Read the article

50 Principles for Responsible AI

Roger has followed up the Guidelines with 'Principles and Business Processes for Responsible AI' with a view to protecting the organisation's own interests and also those of its stakeholders and society as a whole. He presents a set of
50 Principles for Responsible AI, arising from a consolidation of proposals put forward by a diverse collection of 30 organisations. To apply those Principles, he recommends adapted forms of the established techniques of risk assessment and risk management.

Read the article


Supporter Contributions


Ameritas Leverages Technology for Improved Information Governance

This latest case study from the Information Governance Initiative demonstrates how Ameritas, an insurer, began with a pilot project to tackle a clearly identified business problem which they addressed using data analysis, indexing, searching, tracking and reporting tools from Active Navigation

Read the article now

Roadmap to Reducing Your Biggest Information Risk

In this white paper, sponsored by IGANZ supporter Active Navigation, Russel Stalters, CEO of Clear Path Solutions, outlines a roadmap for reducing your organisation's biggest information risk.

Read the article now


le shwab.png

Information Governance Case Study - Les Schwab

Looking at one organization’s experience with IG, can provide valuable lessons and practical insights that will help all IG professionals mature their IG programs. This case study details a common but complex IG problem: managing the relationships among key IG players.

Read the article now

Making IG Real: Six Stories from the Front Lines of Information Governance Success

Over a typical business cycle, a large organisation produces staggering volumes of data. This will include essential records, valuable business intelligence, and knowledge uniquely relevant to the business. But frequently 50% or more of the content is utterly useless - it is dead weight, consuming storage capacity and obscuring the genuinely valuable content, burying the essential digital needles in terabytes of useless haystack.

Download Now


Information Governance at Work: Pandora Media

With the help of the file analysis and governance experts, the Pandora GRC team discovered that at least 60% of its unstructured data had no value and there was no business or legal reason to continue to spend precious resources on protecting and storing it. So they took control, realising significant security,
privacy, cost, and productivity benefits along the way.

Download Now

data breach.jpg

Not if, But When You Get Hacked: Measuring and Proactively Managing Information Risk

The likelihood of organisations having some type of data breach has been increased with the rise in cyber threats. An effective Information Governance Program is critical and foundational to managing the information risk contribution to overall Enterprise Risk. Organisations need to measure and proactively manage their information risks. Various products and approaches can be used to achieve the effective risk management.

Read the article now

Federal Government Use Cases

The U.S. Marine Corps had accumulated a massive amount of NIPR (Non-classified Internet Protocol Router Network) and SIPR (Secret Internet Protocol Router Network) data after ten years of operating in Afghanistan. The data was unstructured and potentially contained vital information covering the Marine Corps’ presence and legacy in the region. The data consisted of emails, record message traffic, Microsoft Office files, PDF documents, images, personally identifiable information (PII) and collections of hour-by-hour, day-by-day records of events, incidents, actions and outcomes.

Read the article here


IGANZ Survey Report 2019


Information Governance ANZ is delighted to present the results of our industry survey, which was conducted over a 12 month period from July 2018 to July 2019.

The survey was distributed to our members, promoted in InfoGovANZ communications and on the website.

This report details the responses to this industry survey with a focus on identified market trends.

Download the 2019 Report Now


IGANZ Survey Report 2017


Information Governance ANZ is delighted to present the results of our industry survey, which was conducted over a 12 month period from July 2016 to July 2017.

Download the 2017 Report Now


Governance of Things


Each month we send to our members The Governance of Things newsletter with feature articles, latest news and developments, and upcoming events.  You can explore past editions of the Governance of Things below.