A Maturity Model for Information Governance

Proença, Diogo; Vieira, Ricardo; Borbinha, José

doi:10.1007/978-3-319-43997-6_2

Cited by 18 publications

(13 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…There are many such models that could have generic relevance to the area of RDM, e.g. maturity models for digital preservation (Kenney and McGovern, 2003) and for digital asset management or for information governance as a whole (Proença et al , 2016). Maturity models developed specifically for RDM include the Stewardship Maturity Matrix (Peng et al , 2015) and the Capability Maturity Model for RDM (Qin et al , 2017; Crowston and Qin, 2011).…”

Section: Literature Reviewmentioning

confidence: 99%

Maturing research data services and the transformation of academic libraries

et al. 2019

View full text Add to dashboard Cite

Purpose A major development in academic libraries in the last decade has been recognition of the need to support research data management (RDM). The purpose of this paper is to capture how library research data services (RDS) have developed and to assess the impact of this on the nature of academic libraries. Design/methodology/approach Questionnaire responses from libraries in Australia, Canada, Germany, Ireland, the Netherlands, New Zealand, the UK and USA from 2018 are compared to a previous data set from 2014. Findings The evidence supports a picture of the spread of RDS, especially advisory ones. However, future ambitions do not seem to have seen much evolution. There is limited evidence of organisational change and skills shortages remain. Most service development can be explained as the extension of traditional library services to research data. Yet there remains the potential for transformational impacts, when combined with the demands implied by other new services such as around text and data mining, bibliometrics and artificial intelligence. A revised maturity model is presented that summarises typical stages of development of services, structures and skills. Research limitations/implications The research models show how RDS are developing. It also reflects on the extent to which RDM represents a transformation of the role of academic libraries. Practical implications Practitioners working in the RDM arena can benchmark their current practices and future plans against wider patterns. Originality/value The study offers a clear picture of the evolution of research data services internationally and proposes a maturity model to capture typical stages of development. It contributes to the wider discussion of how the nature of academic libraries are changing.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Maturing research data services and the transformation of academic libraries

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Of course, ARMAs is far from the only maturity model available for information governance; much work remains to be done in developing our understanding of the relationship between GDPR and IG. For example, future work mapping GDPR to the maturity model for information governance developed by Proença et al , given its European focus and Design Research basis, could provide rich insights into the interrelationship between GDPR and IG (Proenca et al , 2016). Ultimately, however, Schoch makes much the same point as Rom: GDPR is an opportunity to put IG front and center in organizational decision-making.…”

Section: Resultsmentioning

confidence: 99%

“The margin between the edge of the world and infinite possibility”

Hofman

Lemieux

Joo

et al. 2019

RMJ

View full text Add to dashboard Cite

Purpose This paper aims to explore a paradoxical situation, asking whether it is possible to reconcile the immutable ledger known as blockchain with the requirements of the General Data Protection Regulations (GDPR), and more broadly privacy and data protection. Design/methodology/approach This paper combines doctrinal legal research examining the GDPR’s application and scope with case studies examining blockchain solutions from an archival theoretic perspective to answer several questions, including: What risks are blockchain solutions said to impose (or mitigate) for organizations dealing with data that is subject to the GDPR? What are the relationships between the GDPR principles and the principles of archival theory? How can these two sets of principles be aligned within a particular blockchain solution? How can archival principles be applied to blockchain solutions so that they support GDPR compliance? Findings This work will offer an initial exploration of the strengths and weaknesses of blockchain solutions for GDPR compliant information governance. It will present the disjunctures between GDPR requirements and some current blockchain solution designs and implementations, as well as discussing how solutions may be designed and implemented to support compliance. Immutability of information recorded on a blockchain is a differentiating positive feature of blockchain technology from the perspective of trusted exchanges of value (e.g. cryptocurrencies) but potentially places organizations at risk of non-compliance with GDPR if personally identifiable information cannot be removed. This work will aid understanding of how blockchain solutions should be designed to ensure compliance with GDPR, which could have significant practical implications for organizations looking to leverage the strengths of blockchain technology to meet their needs and strategic goals. Research limitations/implications Some aspects of the social layer of blockchain solutions, such as law and business procedures, are also well understood. Much less well understood is the data layer, and how it serves as an interface between the social and the technical in a sociotechnical system like blockchain. In addition to a need for more research about the data/records layer of blockchains and compliance, there is a need for more information governance professionals who can provide input on this layer, both to their organizations and other stakeholders. Practical implications Managing personal data will continue to be one of the most challenging, fraught issues for information governance moving forward; given the fairly broad scope of the GDPR, many organizations, including those outside of the EU, will have to manage personal data in compliance with the GDPR. Blockchain technology could play an important role in ensuring organizations have easily auditable, tamper-resistant, tamper-evident records to meet broader organizational needs and to comply with the GDPR. Social implications Because the GDPR professes to be technology-neutral, understanding its application to novel technologies such as blockchain provides an important window into the broader context of compliance in evolving information governance spaces. Originality/value The specific question of how GDPR will apply to blockchain information governance solutions is almost entirely novel. It has significance to the design and implementation of blockchain solutions for recordkeeping. It also provides insight into how well “technology-neutral” laws and regulations actually work when confronted with novel technologies and applications. This research will build upon significant bodies of work in both law and archival science to further understand information governance and compliance as we are shifting into the new GDPR world.

show abstract

“…This includes determining the level of monitoring of IG principles, assessing the impact of actions in this area on the achievement of the institution's goals, and measuring staff satisfaction. Clear and precise metrics must be defined for this purpose (Proença, Vieira, & Borbinha, 2014). For example, staff satisfaction could correspond to the evaluation of user feedback, and the level of knowledge and application of the IG policy, data for which could be collected through interviews or by observing the occurrence of informational risks after the implementation of the policy.…”

Section: Methodsmentioning

confidence: 99%

An Information Governance Policy Is Required for My Institution, What to Do?

Shabou

2019

Diverse Applications and Transferability of Maturity Models

View full text Add to dashboard Cite

Effective business management within organizations depends, among other factors, on the availability and proper management of appropriate resources. Information resources are one of those resources. This chapter offers practical answers to the many questions that information professionals in an institution may have about how to ensure performing secure and rational management for corporate informational assets. After a brief presentation and discussion of main concepts, it defines and describes the information governance policy, which is the key tool of an advanced information governance approach. It specifies how and when a maturity model should help to develop and update a corporate information governance policy. In addition, it presents the main practical guidelines including specific recommendations on the structure, content, and format of an information governance policy. A discussion of the development and implementation process is then proposed.

show abstract

A Maturity Model for Information Governance

Cited by 18 publications

References 19 publications

Maturing research data services and the transformation of academic libraries

Maturing research data services and the transformation of academic libraries

“The margin between the edge of the world and infinite possibility”

An Information Governance Policy Is Required for My Institution, What to Do?

Contact Info

Product

Resources

About