Page Banner Image

Information Management Systems: Managing and Protecting Business-Critical Information Assets

A Data Management White Paper


Over the past decade the amount of information stored by small and mid-sized businesses has grown exponentially, the majority of which is stored electronically. All that storage comes at a cost – both for the space and the time it takes to organize and manage it all. So how do we manage those costs and all of the data that’s business-critical? The answer is a systematic, organization-wide approach to data management.

An information management system is a method for managing corporate information and data that includes practices, policies, internal and vendor processes and tools to align the business value of information with the cost and flexibility needed to provide and protect it.  The bad news is that there is no “one size, fits all” solution for information management systems. The good news is that even small, incremental changes can make a big difference and save thousands of dollars.

Systems Engineering suggests beginning an information management planning exercise by focusing on three key areas:

  1. Governance – A good information management plan needs leaders from all facets of the company – an executive sponsor, a project leader, functional area representatives and an IT steward.
  2. File and Server Management – Data falls into two categories: structured and unstructured. Start with your unstructured content – the content that lives on file servers and users’ desktops.
  3. Email Management – While many continue to use email as a document management system (DMS), it’s important to start managing files outside of email stores and to shift to using email as intended – as a communications system.

Once all three components of the plan have been established, it’s time to determine how you will classify and then sort your data. First, conduct an audit of your file stores to understand the different types of data that are being stored – from paper documents to social media to presentations and electronic files – and create a list of all the different places this information is stored. Next, categorize these documents based on their file type and priority. Documents should be prioritized based on their business-critical value and difficulty to reproduce. Certain industries, such as healthcare organizations and financial services companies, have established guidelines for prioritizing information. These guidelines provide an excellent starting point when developing an information management plan.

Once information has been prioritized, it’s time to create policies and procedures to enforce the organizational system. These policies should be clear, realistic and enforceable – and should include plans for corrective action, should they be necessary. Policies should also inform how information is treated and categorized. At a minimum, most organizations need:

  1. An information security policy
  2. An acceptable technology use policy
  3. A privacy and confidentiality policy (to include social media)
  4. A business continuity and disaster recovery planning policy

Once policies are in place, the next step is to create a file system and collaboration platform to store prioritized data. Many organizations choose a DMS to assist in creating file structures that support all content classes, and create a file sharing system (such as an intranet built on SharePoint) for managing shared documents.

Once all of the important data has been efficiently categorized and stored, it’s time to purge low priority documents. For many organizations, a “save all” information management system is simply unsustainable. In an effort to keep backup costs manageable, it’s critical to purge low priority data on a regular basis.

The last, and arguably most important aspect of an information management system, is protecting stored data. Not only does stored data need to be protected from hackers, it also needs to be protected in the event of a loss of data caused by hardware failures or other catastrophic events. Protect important information by mapping content and establishing a disaster recovery plan.

No matter how you structure an information management plan, the most important consideration is to align the business value of your information with the cost to manage it. Over time, file stores will increase in size no matter how well you manage information – the goals are to manage the rate of information growth and to ensure you are investing in managing and protecting your most valuable business information.

For more information and additional resources for building an effective information management plan for your organization, contact an SE representative.