News Stay informed about the latest enterprise technology news and product updates.

Responsibilities for information governance: Who should uphold GRC?

Who has the most responsibilities for information governance in your organization? These answers from our #GRCchat participants might surprise you.

Other recaps from our #GRCchat

Craft a complete information governance structure

Info governance training: Who, when and what to cover

When it comes to security breaches or compliance gaps, many are quick to point the finger outside their own department. In our first-ever SearchCompliance #GRCchat in January, we asked participants, "What departments or roles should be responsible for championing risk management and compliance in information governance frameworks?"

Our participants indicated that an individual or department should handle responsibilities for information governance management and fighting throughout the organization. According to #GRCchat-ters, chief risk officers, chief information security officers, chief data officers and even CEOs should step up and advocate for more stringent governance, risk and compliance (GRC):

C-suite roles were the focus of our Twitter followers, but one participant shared an alternative idea:

Our own executive editor, Linda Tucci, was first to probe Randy Moeller, a global governance manager at Procter & Gamble:

Shawn Tiemann, a solutions engineer at LockPath , also posed a series of questions to Moeller:

After responsibilities for information governance have been established, what next? We closed out our inaugural SearchCompliance #GRCchat by asking followers, "How can information governance frameworks be developed to cut down or eliminate redundant processes in relation to risk and compliance?" Step one: Discuss processes.

Once organizations understand these processes, they should look to streamline them, said SearchCompliance Managing Editor Rachel Lebeaux -- a topic that got some play earlier in the tweet jam:

Another component of strong information governance is proper protocol around document accessibility:

The fact that a discussion about document storage quickly turned into a conversation about the cloud points to an increased interest in cloud security as companies begin to streamline their governance, risk and compliance operations. Do you agree or disagree? Tell us in the comments section below.

To read the entire #GRCchat conversation, head over to Twitter. Our next @ITCompliance tweet jam will take place on Thursday, Feb. 20, at 12 p.m. EST. Stay tuned for details!

Dig Deeper on Compliance framework software

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

What departments or roles should be responsible for championing information governance and GRC?
{In our region, organizations usually does not employ risk offices, compliance offoicer, etc. So, the records & info manager must orient department heads about risk and compliance including all standards and regulations involved and ensure that departments heads accountability is incorporated in the policy or policy statement}.
Thanks for sharing!
It has to be a priority for everyone in the organization and needs to be written into the strategic plan and mission statement.