link to ARMA about us

General Information                     
Overview
What is RIM?
RIM FAQs
Leadership                       
Board of Directors  
Executive Officers  
Staff Contacts  
Governance                      
Mission, Vision, Values  
Governance Policies and Procedures  
Code of Professional Responsibility  
Strategic Issues*  
Operating Plan*  
Board Minutes/Reports*  
State of the Association*  
Election Information*  
Chapters & Regions                              
Chapter Leadership Directory
Region Leadership Directory
Leadership Resources**
Chapter Listing
Awards                                                    
Awards
Cobalt Award
Educational Foundation  
Media Relations  
Advertising Information  

join ARMA

Member Benefits  
Membership Applications                                 
New Application
Renewal Application*
Industry Member Application
LINC Application
Networking Opportunities                            
ARMA iConference
Social Media Sites
Chapter Leadership Directory
Volunteer Opportunities                            
Task Forces
Officer Candidate Application*
Code of Professional Responsibility  

ARMA publications

What is RIM?  
Regulatory Updates           
Washington Policy Brief
Canadian Policy Brief
Global Policy Brief
Standards           
Standards & Best Practices
Glossary of RIM Terms
Information Management magazine  
Buyers Guide  
InfoPro Online*  
RIMinder Newsletter  
Newswire  
Washington Policy Brief  
Canadian Policy Brief  
Global Policy Brief  
Hot Topic  
Advertising Opportunities  

ARMA Resources

Standards           
Standards & Best Practices
Glossary of RIM Terms
Professional Competencies  
Code of Professional Responsibility  
Generally Accepted Recordkeeping Principles ®  
Training Programs  
Podcasts  
RIM Promotion Materials  
RIM 101  
Media Releases  
Job Search  
Risk Assessments  
Facilitator Resources
Social Media
Young Professional Resources

ARMA bookstore

New Releases  
Product Search  
View Order Status  

goto customer service

FAQs
Update Profile
Change Password
View Recent Purchases
Bookstore Order Status
Contact Us
Privacy Policy

My ARMA

Member Logon
Update Profile
Change Password
Account Preferences
Member Directory
Board Minutes*
Strategic Plan*

ARMA site map

   
   
 

 

ARMA International Maturity Model for Information Governance

A Picture of Effective Information Governance

The Maturity Model for Information Governance begins to paint a more complete picture of what effective information governance looks like. It is based on the eight GARP ® principles as well as a foundation of standards, best practices, and legal/regulatory requirements.

GARP ®
Principle
Level 1
(Sub-Standard)

Level 2
(In Development)

Level 3
(Essential)

Level 4
(Proactive)

Level 5
(Transformational)

Integrity
A recordkeeping program shall be constructed so the records and information generated or managed by or for the organization have a reasonable and suitable guarantee of authenticity and reliability.

There are no systematic audits or defined processes for showing the origin and authenticity of a record.

Various organizational functions use ad hoc methods to demonstrate authenticity and chain of custody, as appropriate, but their trustworthiness cannot easily be guaranteed.

 Some organizational records are stored with their respective metadata that demonstrate authenticity; however, no formal process is defined for metadata storage and chain of custody.

Metadata storage and chain of custody methods are acknowledged to be important, but are left to the different departments to handle as they determine is appropriate.

 The organization has a formal process to ensure that the required level of authenticity and chain of custody can be applied to its systems and processes.

Appropriate data elements to demonstrate compliance with the policy are captured.

The organization has defined specific goals related to integrity.

 There is a clear definition of metadata requirements for all systems, business applications, and paper records that are needed to ensure the authenticity of records.

Metadata requirements include security and signature requirements and chain of custody as needed to demonstrate authenticity.

The metadata definition process is an integral part of the records management practice in the organization.

 There is a formal, defined process for introducing new record-generating systems and the capture of their metadata and other authenticity requirements, including chain of custody.

This level is easily and regularly audited.

The organization’s stated goals related to integrity have been met. The organization can consistently and confidently demonstrate the accuracy and authenticity of its records.

For each principle, the maturity model associates various characteristics that are typical for each of the five levels in the model:

  • Level 1 (Sub-standard): This level describes an environment where recordkeeping concerns are either not addressed at all, or are addressed in a very ad hoc manner. Organizations that identify primarily with these descriptions should be concerned that their programs will not meet legal or regulatory scrutiny.
  • Level 2 (In Development): This level describes an environment where there is a developing recognition that recordkeeping has an impact on the organization, and that the organization may benefit from a more defined information governance program. However, in Level 2, the organization is still vulnerable to legal or regulatory scrutiny since practices are ill-defined and still largely ad hoc in nature.
  • Level 3 (Essential): This level describes the essential or minimum requirements that must be addressed in order to meet the organization's legal and regulatory requirements. Level 3 is characterized by defined policies and procedures, and more specific decisions taken to improve recordkeeping. However, organizations that identify primarily with Level 3 descriptions may still be missing significant opportunities for streamlining business and controlling costs.
  • Level 4 (Proactive): This level describes an organization that is initiating information governance program improvements throughout its business operations. Information governance issues and considerations are integrated into business decisions on a routine basis, and the organization easily meets its legal and regulatory requirements. Organizations that identify primarily with these descriptions should begin to consider the business benefits of information availability in transforming their organizations globally.
  • Level 5 (Transformational): This level describes an organization that has integrated information governance into its overall corporate infrastructure and business processes to such an extent that compliance with the program requirements is routine. These organizations have recognized that effective information governance plays a critical role in cost containment, competitive advantage, and client service.

Download Full .PDF Version of the GARP ® Information Governance Maturity Model.

Information Governance Maturity Model © 2010, ARMA International


Special thanks to our GARP® outreach sponsors:

   

 
     
 
about arma     advertising     join arma     your membership     contact arma     help   privacy policy


© 2012, ARMA International