Corporations around the globe have no formal policy for governing the control, access and use of information, a new study has found.
The Future of Enterprise Information Governance paper, based on an Economist Intelligence Unit (EIU) survey, revealed that nearly two thirds (62 per cent) of respondents indicated their companies had no formal information governance programme in place.
It concluded this lack of formality was a concerning trend, as it may leave many corporations unprepared for new compliance mandates and put their sensitive information at risk of preventable breaches and inaccuracies.
This was despite the fact that 77 per cent of respondents expect information governance to be important to their company's success through 2011, while 68 per cent also expect the complexity of their company's information governance issues will grow during that same time period.
"Even though the standards for good governance are rising, we find that much of today's focus around corporate governance leaves information out of the discussion," said Frank Hauck, executive vice president of global marketing and customer quality for the survey sponsor, EMC.
Only 43 per cent rated their firms' ability to integrate and share information across departments and necessary third parties as good or very good; 21 per cent said it was poor' or very poor.
Over half (57 per cent) of all respondents also admitted that they do not have a single view of the customer. And a further 40 per cent said their firm did not regularly review and revise information backup and retention policies.
The survey also uncovered some stark differences between the 62 per cent of respondents that had no formal information governance policy and the 38 per cent that did: only 51 per cent of companies with no policy rated their firms' overall ability to protect sensitive data as good' or very good,' compared with 85 per cent for those that do have a formal strategy.
A massive 81 per cent of firms with information governance policies report that "information can be better shared between departments, allowing for better decision-making". And only 57 per cent of companies where such policies were absent rated their company's ability to provide access to critical business information when it is needed as good' or very good'.
Debra D'Agostino, deputy director of the EIU's industry and management research division in the Americas, added: "As firms large and small begin to think more strategically about how information is used and conveyed, creating a standard set of policies and procedures for governing information protection, use and distribution inside and outside the firm will be extremely important."
The survey interviewed 192 senior executives from companies around the world with turnover in the hundreds of millions of dollars to over $1 billion (644 million).
