The 13 building blocks of Information Governance

Capgemini recently refreshed its Information Governance Maturity Model (IGMM) as it adds significant detail to the more cursory 5-minute assessment based on the high-level maturity curve described in my previous blog. It is an incredibly powerful tool and should be used at the beginning of an Information Governance (IG) program. Within 60 minutes, with 3 or 4 senior Business and IT executives, you can measure an organization’s IG maturity to a reasonable level of accuracy, even if this won’t ever be an exact science.

The Capgemini IGMM consists of 13 different building blocks:

1. IG culture, awareness
2. IG organization, decision-making and accountability
3. Glossary of definitions & business terminology, data attributes roadmap
4. Information Architecture, Data Modeling, Metadata Management
5. Data classifications & hierarchies, Naming & coding conventions
6. Data Quality rules, policies & scorecards
7. Master data policies & workflows
8. Data Privacy, Data Protection, Information Security
9. Legal & regulatory compliance practices, Discovery
10. Information Lifecycle: Retention/Archiving, Masking, Disposition
11. Information exploitation (internal, external)
12. External reference data
13. IG program reach: Data domains, systems, programs in scope

You will notice that Capgemini combines the traditional Data Governance spectrum, e.g. items 3, 5, 6, and 7, with the more regulation-driven agenda of compliance officers, e.g. topics 8, 9 and 10. Instead of differentiating between Data Governance (data) and Information Governance (legal), we have simply merged the two approaches into one model, as the crucial Business directors won’t care much about a differentiation and the ultimate ownership for both agendas usually lies in one pair of hands: the Chief Data Officer or equivalent.

There are five stages of maturity (rated 1 to 5, with 5 being the highest level), with a somewhat detailed description of what each level means for each of the 13 components.

The exercise is best conducted with at least 3 or 4 seasoned executives, depending on the scope of the IG program. Best results are achieved if they’re all jointly in one room (though it can be done individually). Both Business and IT must be represented if the outcomes are to be meaningful and find support from other executives later on.

You can either run an As-Is assessment by itself or, additionally, collect the organization’s medium- to long-term IG maturity ambition (To-Be). The Capgemini IGMM automatically maps this out in a neat spider diagram and produces a maturity score, rounded to one decimal point, e.g. 2.7.

Where is your organization today? Is your maturity at level 1.6, or 2.3 or even 3.1 already? And where would you like to be in 12 months’ time? At 3.5 or even 4.0? Few organizations will ever need to evolve their IG maturity much beyond 4.0, unless you’re in highly regulated industries (financial services, pharma, food manufacturing, aerospace), hyper competitive markets (retail, consumer products, telco) or strive to be among your industry’s top 2 players.

An IG maturity assessment, using e.g. Capgemini’s IGMM, is a highly effective way to kick-start an IG program. It’s simple, effective, replaces estimates with reliable metrics, and typically generates much debate about a particular organization’s maturity position compared to its immediate market peers. And it provides ample ammunition for the next steps of the IG program.

For more information on Capgemini’s QuickStart Information Governance framework, please contact Ralf Teschner.