Who Owns Data Management? IT, Legal Disagree

    Nov 25, 2015

    Recent research conducted by Iron Mountain and the International Data Corp. (IDC) shows that IT and legal departments often disagree about who should oversee data management.

    According to “Mining for Insight: Rediscovering the Data Archive,” 45% of legal and compliance respondents said they believe they should be responsible for determining what to archive, but only 25% of IT respondents agreed. Additionally, only 38% of legal and compliance respondents said they view archives as enhancing revenue, compared to 70% of IT respondents.

    John Sharpe, Iron Mountain’s director of product management, data management, noted that the disparity likely stems from the fundamental difference in each group’s goals for data management.

    “Legal’s need to access data drives cases, whereas IT often has more of a support function; it doesn’t necessarily have the same urgency … Legal has high expectations for IT to accomplish their data objectives, and that is a disconnect. They don’t care about 1s and 0s; they care about emails and messages, the two are not necessarily aligned,” he said.

    According to the research, legal’s data requirements are for specific content, while IT’s focus is on storing and supporting all data. This misalignment creates misunderstandings between the two groups and impairs their ability to meet expectations.

    Although storage costs continue to decrease, the associated costs of growing data volumes and the risks of potentially mismanaging these volumes mean legal and IT must be more strongly aligned. A good first step is for them to work together to define clear processes.

    This could also help solve another problem the study identified: difficulty in accessing information. According to the research, 49% of respondents said significant productivity is lost in the search for difficult-to-access archived information.

    ARMA International points out that these numbers highlight the importance of what many in the industry refer to as “unified information governance” (IG). Legal and IT aren’t the only parts of the organization that have a disconnect; the same dynamic can occur between privacy and security groups. The greatest disconnect in the organization, though, is the disconnect from business units, which are generally focused on the organization’s mission-critical functions.

    The business units’ records and information are the lifeblood of the organization’s success and must be drawn into the IG process. Which brings us to the other missing piece from this survey – the records and information management (RIM) group.

    Unified IG calls for a steering committee to coordinate the viewpoints and needs of ALL stakeholders into a set of policies and procedures that serves the needs of all. A robust RIM program already brings the viewpoints and needs together and provides a solid foundation for enhancing the organization’s overall governance structure.

    Unified IG has the goals of increasing business efficiency and effectiveness while mitigating risk and ensuring compliance. Achieving these goals requires forethought and routine implementation of defined procedures. In short, an organization that waits until litigation hits has waited too long.

    More information about ARMA International’s IG approach and the tools needed for implementation can be found at and in a large variety of resources available in the ARMA online store at

    LegalTech News

    © 2017, ARMA International