Skip to content. | Skip to navigation

Personal tools

Reference and guide to SFIA version 7. Framework status: Current standard.

Information governance IRMG

The overall governance of how all types of information, structured and unstructured, whether produced internally or externally, are used to support decision-making, business processes and digital services. Encompasses development and promotion of the strategy and policies covering the design of information structures and taxonomies, the setting of policies for the sourcing and maintenance of the data content, and the development of policies, procedures, working practices and training to promote compliance with legislation regulating all aspects of holding, use and disclosure of data.

Information governance: Level 7

Specifies at a strategic level the business functions and data subjects needed to support future business, thereby enabling the development of an Information Architecture. Establishes and communicates the organisation's information management strategy, developing it as an integral part of the business strategy. Directs information resources, to create value for the stakeholders by improving the performance of the organisation, whilst maintaining the principles of professional standards, accountability, openness, equality, diversity, and clarity of purpose. Responsible for compliance with regulations, standards and codes of good practice relating to information and documentation, records management, information assurance and data protection.

Information governance: Level 6

Develops organisational policies, standards, and guidelines for information and records management ensuring that uniformly recognised and accepted data definitions are developed and applied throughout the organisation. Ensures that the business processes and information required to support the organisation are defined, and devises appropriate processes and data architectures. Identifies the impact of any relevant statutory, internal or external regulations on the organisation's use of information and develops strategies for compliance. Leads and plans activities to communicate and implement information management strategies. Coordinates information resources to meet specific business objectives whilst maintaining the principles of professional standards, accountability, openness, equality, diversity and clarity of purpose. Implements systems and controls to measure performance and manage risk.

Information governance: Level 5

Understands the implications of information, both internal and external, that can be mined from business systems and elsewhere. Makes decisions based on that information, including the need to make changes to the systems. Reviews new change proposals and provides specialist advice on information and records management, including advice on and promotion of collaborative working and assessment and management of information-related risk. Creates and maintains an inventory of information assets, which are subject to relevant legislation. Prepares and reviews the periodic notification of registration details and submits them to the relevant regulatory authorities. Ensures that formal information access requests and complaints are dealt with according to approved procedures. Contributes to development of policy, standards and procedures for compliance with relevant legislation.

Information governance: Level 4

Ensures implementation of information and records management policies and standard practice. Ensures effective controls are in place for internal delegation, audit and control relating to information and records management. Assesses and manages risks around the use of information. Provides reports on the consolidated status of information controls to inform effective decision making. Recommends remediation actions as required. Ensures that information is presented effectively.