SEMESTER RESEARCH PROJECT
UNIVERSITY OF THE CUMBERLANDS
ITS 833 INFORMATION GOVERNANCE
2018 FALL – IG BI-TERM
GENERAL DESCRIPTION FOR SEMESTER PROJECT:
The importance of Information Governance is being realized across all industries. While
there are some common aspects of Information Governance that are common to all industries, still
information governance cannot be applied in a “cookie-cutter” fashion. That is, there are certain
characteristics or aspects of Information Governance that are unique to a given industry or
discipline. And even within the same industry, a good information governance program must be
tailored to fit the unique needs of each organization.
The Financial Services industry is no different. It is undergoing comprehensive
transformational change. Consequently, Financial Services professionals are faced with new
regulations and requirements that make effective information governance essential. Quick access
to complete, comprehensive and accurate information is essential to the goal of providing financial
services to the customer. Financial Service professionals are faced with the reality that information
is a critical asset that must be managed in a way that optimizes safe, cost-effective and high quality
care to the customer/depositor/borrower/investor, while at the same time meeting the
organization’s financial needs, reducing risk, and increasing availability for business needs such
as analytics and for use on the financial/bond/stock/investment markets and exchanges. Of course,
the financial advisor must do all of this while at the same time insuring that it is operating ethically,
will be able to quickly and completely respond to e-discovery requests and holds, and that it is
operating within the confines of both federal and state laws in all regards.
Information Governance initiatives in the financial services industry has been a priority for
more than a decade, and as technology has advanced, and cyber criminals have become more
savvy, changes have been implemented in information governance and related best practices.
There are a number of associations that have become industry leaders in advancing Information
Governance in the financial services industry in the United States.
Assume you have a B.S. Information Management and a Masters’ degree in Finance. Upon
completion of your masters degree you were hired by what was then a local bank. Over the years,
you have grown with the “bank”. It has now become a complete Financial Services organization,
offering a complete range of services including commercial banking (a National bank), mortgage,
commercial and residential lending. In addition, the organization offers investment/brokerage
services, and administers group retirement accounts for large corporate entities. The organization
offers a complete line of on-line banking/financial services. The organization also issues and
services its own credit cards in association with VISA. While you started your career as a bank
teller, you have worked in nearly every department of the organization including lending, finance,
records management, billing, accounting, marketing, investments and IT. The organization saw
that you had a promising career in the financial services industry and gave you the opportunity to
complete banking school. In addition, you advanced your education and became a licensed
investment broker. Your employer, “NATIONAL CITY FINANCIAL SERVICES
CORPORATION”, requires a “formal” information governance program, although it has been
implementing some aspects of information governance in some of its departments.
You have just been named Vice President and Chief Financial Officer for NATIONAL
CITY FINANCIAL SERVICES CORPORATION. You have agreed to chair the information
governance committee that will be responsible for designing and implementing a “formal”
information governance program for the organization.
You have put together an Information Governance Committee (or “TEAM”) consists of a
representative from nearly every department including commercial banking, commercial lending,
finance, legal, accounting, risk management, investment services, retirement account servicing,
quality and compliance areas, human resources, credit card servicing, and marketing.
Your team has had only one organizational meeting. At that initial meeting, the team was
asked to do two things. One was to identify what each team member perceives as worthy goals of
the information governance program, and secondly, to identify areas that are in immediate need of
improvement, from their own background and perspective. They team returned the following:
The goal of the information governance program should include but not be limited to the
following:
1. Developing processes to ensure better coordination of care throughout the entire organization;
2. Maintain a competitive advantage in the geographical regions served;
3. Ensuring that the organization is analytics-driven;
4. Improved performance and outcomes;
5. Becoming nimble enough to respond quickly and accurately to information requests from your depositors, borrowers, investors, credit card customers, overall customer
care, legal holds, e-discovery and litigation, and for accountability and auditing;
6. Develop a viable retention and destruction schedule for active and inactive customer information;
7. Improve security and protect sensitive data while at the same time allowing necessary access to eliminate impediments for staff that make it difficult to accomplish their job
duties; and,
8. Increase the accuracy of information related to outcomes, and financial leadership to ensure the organization will meet or exceed its financial goals.
At its initial meeting, your newly formed Information Governance Committee, after some
brainstorming and collaboration produced the following list, which is by no means complete, but
which was identified by your team members as “high” on their list of problems facing the
organization which the team members believed could be resolved and/or minimized through
effective information governance:
1. A number of serious errors that adversely affect patient safely resulted from inadequate
user training on how to use the system, as well as laziness of staff in documenting and
charting;
2. Inability to capture information necessary for required reporting related to deposits,
withdrawals, lending and investment records;
3. Inaccurate and incomplete release of information for litigation and business purposes that
had resulted from poor systems integration and improper data retention policies;
4. Issues associated with a high rate of customer matching and cross referencing errors in all
the master depositor database, master borrower database, master investor database, and
master credit card holder database;
5. Need for updating access controls that ensured appropriate security levels for those
handing deposit accounts, investment accounts, credit cards, and loans, and for those
having access to customer records for purposes of billing and reporting, and;
6. Need for better security of protected financial/banking/investment information in order to
comply with stricter regulatory requirements.