How to align IM with organisational risk management


As recent events have only too clearly shown, poor information management and control (particularly when combined with a ‘flexible' appreciation of information ethics and legislation) can lead to financial and reputational loss.It was an extraordinary coincidence of timing that while a UK Government Select Committee was in progress in Westminster, members of NetIKX were discussing the concept of organisational information risk management.Liz Scott-Wilson, currently an information architect at a large law firm, has years of experience in information management and consulting roles in both the public and private sectors.  In her presentation she shared what she considers to be the most valuable lesson of her career.  When it comes to exerting influence within your organisation the key to success is to focus on what keeps senior people in your organisation awake at night.Senior managers are unlikely to care much about the intricacies of information governance but they will be concerned about organisational risk.  Liz outlined how in a previous role, she had analysed a (very detailed) organisational risk register and identified information pressure points.  She then used these to demonstrate how effective information management could help mitigate organisational risk at key pressure points.Key lessons from Liz's presentation:

  • Focus on real pain points for senior managers
  • Ensure you understand the power systems in your organisation
  • Find friends in your organisation's governance/risk teams
  • Reflect organisational language in your strategy
  • Demonstrate how IM can bring plausible and affordable processes to mitigate risk
The key call for action was to encourage anyone interested in demonstrating the importance of IM to organisations to meet with organisational risk managers. (There were two speakers at the event.  Watch out for a second blog entry!)