SEMESTER RESEARCH PROJECT

UNIVERSITY OF THE CUMBERLANDS

ITS 833 INFORMATION GOVERNANCE

2018 FALL – IG BI-TERM

GENERAL DESCRIPTION FOR SEMESTER PROJECT:

The importance of Information Governance is being realized across all industries. While

there are some common aspects of Information Governance that are common to all industries, still

information governance cannot be applied in a “cookie-cutter” fashion. That is, there are certain

characteristics or aspects of Information Governance that are unique to a given industry or

discipline. And even within the same industry, a good information governance program must be

tailored to fit the unique needs of each organization.

The Financial Services industry is no different. It is undergoing comprehensive

transformational change. Consequently, Financial Services professionals are faced with new

regulations and requirements that make effective information governance essential. Quick access

to complete, comprehensive and accurate information is essential to the goal of providing financial

services to the customer. Financial Service professionals are faced with the reality that information

is a critical asset that must be managed in a way that optimizes safe, cost-effective and high quality

care to the customer/depositor/borrower/investor, while at the same time meeting the

organization’s financial needs, reducing risk, and increasing availability for business needs such

as analytics and for use on the financial/bond/stock/investment markets and exchanges. Of course,

the financial advisor must do all of this while at the same time insuring that it is operating ethically,

will be able to quickly and completely respond to e-discovery requests and holds, and that it is

operating within the confines of both federal and state laws in all regards.

Information Governance initiatives in the financial services industry has been a priority for

more than a decade, and as technology has advanced, and cyber criminals have become more

savvy, changes have been implemented in information governance and related best practices.

There are a number of associations that have become industry leaders in advancing Information

Governance in the financial services industry in the United States.

Assume you have a B.S. Information Management and a Masters’ degree in Finance. Upon

completion of your masters degree you were hired by what was then a local bank. Over the years,

you have grown with the “bank”. It has now become a complete Financial Services organization,

offering a complete range of services including commercial banking (a National bank), mortgage,

commercial and residential lending. In addition, the organization offers investment/brokerage

services, and administers group retirement accounts for large corporate entities. The organization

offers a complete line of on-line banking/financial services. The organization also issues and

services its own credit cards in association with VISA. While you started your career as a bank

teller, you have worked in nearly every department of the organization including lending, finance,

records management, billing, accounting, marketing, investments and IT. The organization saw

that you had a promising career in the financial services industry and gave you the opportunity to

complete banking school. In addition, you advanced your education and became a licensed

investment broker. Your employer, “NATIONAL CITY FINANCIAL SERVICES

CORPORATION”, requires a “formal” information governance program, although it has been

implementing some aspects of information governance in some of its departments.

You have just been named Vice President and Chief Financial Officer for NATIONAL

CITY FINANCIAL SERVICES CORPORATION. You have agreed to chair the information

governance committee that will be responsible for designing and implementing a “formal”

information governance program for the organization.

You have put together an Information Governance Committee (or “TEAM”) consists of a

representative from nearly every department including commercial banking, commercial lending,

finance, legal, accounting, risk management, investment services, retirement account servicing,

quality and compliance areas, human resources, credit card servicing, and marketing.

Your team has had only one organizational meeting. At that initial meeting, the team was

asked to do two things. One was to identify what each team member perceives as worthy goals of

the information governance program, and secondly, to identify areas that are in immediate need of

improvement, from their own background and perspective. They team returned the following:

The goal of the information governance program should include but not be limited to the

following:

1. Developing processes to ensure better coordination of care throughout the entire organization;

2. Maintain a competitive advantage in the geographical regions served;

3. Ensuring that the organization is analytics-driven;

4. Improved performance and outcomes;

5. Becoming nimble enough to respond quickly and accurately to information requests from your depositors, borrowers, investors, credit card customers, overall customer

care, legal holds, e-discovery and litigation, and for accountability and auditing;

6. Develop a viable retention and destruction schedule for active and inactive customer information;

7. Improve security and protect sensitive data while at the same time allowing necessary access to eliminate impediments for staff that make it difficult to accomplish their job

duties; and,

8. Increase the accuracy of information related to outcomes, and financial leadership to ensure the organization will meet or exceed its financial goals.

At its initial meeting, your newly formed Information Governance Committee, after some

brainstorming and collaboration produced the following list, which is by no means complete, but

which was identified by your team members as “high” on their list of problems facing the

organization which the team members believed could be resolved and/or minimized through

effective information governance:

1. A number of serious errors that adversely affect patient safely resulted from inadequate

user training on how to use the system, as well as laziness of staff in documenting and

charting;

2. Inability to capture information necessary for required reporting related to deposits,

withdrawals, lending and investment records;

3. Inaccurate and incomplete release of information for litigation and business purposes that

had resulted from poor systems integration and improper data retention policies;

4. Issues associated with a high rate of customer matching and cross referencing errors in all

the master depositor database, master borrower database, master investor database, and

master credit card holder database;

5. Need for updating access controls that ensured appropriate security levels for those

handing deposit accounts, investment accounts, credit cards, and loans, and for those

having access to customer records for purposes of billing and reporting, and;

6. Need for better security of protected financial/banking/investment information in order to

comply with stricter regulatory requirements.