RSD

I was at a barbecue over this past weekend having a general discussion on the latest news, global economy and hottest technology trends when somehow the topic of Don Rumsfield’s infamous speech about known unknowns came up. This speech goes back to February 12, 2002 when former United States Secretary of Defense Donald Rumsfeld made a statement relating to the unstable situation in post-invasion Afghanistan. As I was driving home, it occurred to me the "there are known knowns..." statement can easily map to the information governance challenges companies are facing today.

“There are known knowns. These are things we know that we know. There are known unknowns. That is to say, there are things that we now know we don’t know. But there are also unknown unknowns. These are things we do not know we don’t know. ”

—Former United States Secretary of Defense Donald Rumsfeld

There are known knowns – these are things we know that we know.

We all know corporations are dealing with huge volume of information – data about customers, employees, transactions, product development, and operations. According to a well-known survey by IDC, the amount of digital information created annually will grow by a factor of 44 from 2009 to 2020.  Even though more than 70% of the information is generated by individuals, organizations are responsible for managing and protecting 80% of it. We know this is an issue in terms of employee productivity, value creation, and risk mitigation.

We now know there will be ongoing eDiscovery requests and they are not going away anytime soon. According to a Gartner study, at any point in time many corporations are involved in an average of 86 lawsuits. Legal counsel doesn’t know when the next lawsuit will occur, who will be involved, and what information the courts will be looking for. Nevertheless, organizations need to be prepared and consider deploying a proactive eDiscovery project.

We now know there will be new rules and regulations around information management. With the various headlines in the last couple of months and the continuing global financial crisis, we do know there will be tougher regulations with new compliance laws. We just don’t know the details yet.

We also now know data privacy is becoming a hot topic around the world – from employee email privacy considerations to Facebook to Twitter. It seems like there is no end. Just last week, the Swiss parliament agreed to help IRS identify secret UBS accounts in tax probe. We don’t know when this will end and how this will evolve in the next couple of years.

Finally, we do know now solving the information governance challenge must be a top-down approach – otherwise it will be difficult to succeed. One of the key questions I get from customers is where to start, when to delete content, and how to go about managing this process. Someone within the organization (typically from legal) needs to stand up and bring the issue to the attention of the executives. Executives must first acknowledge there is an issue and then have a commitment to resolve it. This will only work when management brings in various stakeholders from the organization including legal, business, compliance, and IT.

But there are also unknown unknowns. These are things we do not know we don’t know.

Companies do not know what’s going to happen in the next 5-10 years. Surely, companies have strategies, growth tactics, mission statements, and contingency plans – but at the end of the day companies have very little control over external factors, mergers and acquisitions, new technology offerings, and the competition. This is precisely the reason why an information governance program is required. Information governance is an accountability program to enforce desirable behavior in the creation, use, archiving, and deletion of corporate information. I like to explain it as a vehicle to drive value from information and as an insurance policy on the unknown unknowns.