How do you get employees to actually follow information governance rules?
Getting employees to follow information governance (IG) rules is rarely a matter of willpower. People comply when the right behavior is clear, easy, supported, and reinforced. Mandates alone produce checkbox compliance; durable adherence comes from aligning policy, process, and culture.
Make the rules clear and reachable
Most non-compliance is not defiance. It is confusion. Staff cannot follow rules they cannot find or understand. Write policies in plain language, tie each rule to a concrete action (“file this type of record here, keep it this long”), and make guidance available at the moment of need rather than buried in a binder. A strong governance program documents who is responsible for what, so accountability is never ambiguous.
Reduce friction
If the compliant path is harder than the shortcut, people take the shortcut. Embed governance into the tools and workflows employees already use, so that correct classification, retention, and storage happen by default. The easier you make the right thing, the less you have to police the wrong thing.
Train for roles, not for the audit
Generic, once-a-year training fades quickly. Tailor instruction to what each role actually does with information, use real examples, and refresh it as systems and obligations change. Help employees understand why the rules exist, such as legal holds, privacy, FOIA, and audit readiness, so the behavior makes sense rather than feeling arbitrary.
Build accountability and visible leadership
Compliance follows expectations that are owned and measured. Assign clear ownership, set measurable expectations, and monitor outcomes. Leadership matters more than any memo: when managers model good recordkeeping and treat it as part of the job, staff follow. Recognize good practice, and address lapses consistently and fairly.
Treat it as ongoing, not one-time
Governance is a continuous program. Monitor practices, gather feedback on where rules are hard to follow, fix the friction points, and adjust. Internationally recognized records management practice frames this as a managed, repeatable system rather than a one-off project, supported by policy, assigned roles, and regular review.
For a broader overview of building and sustaining these programs, see the information governance topic hub.
Sources & further reading
Authoritative government and non-profit references.
- Records management policy and guidance — National Archives (NARA)
- ISO 15489-1 Records management — ISO
How to cite this page
APA
RM University Editorial. (2026). How do you get employees to actually follow information governance rules?. Records Management University. https://www.recordsmgmt.org/questions/how-do-you-get-employees-to-actually-follow-information-governance-rules/
MLA
RM University Editorial. "How do you get employees to actually follow information governance rules?." Records Management University, 16 June 2026, www.recordsmgmt.org/questions/how-do-you-get-employees-to-actually-follow-information-governance-rules/.
Related questions
- Big-bucket vs item-level retention schedules: how do I choose between them?
- Can a company be penalized for keeping data too long under privacy laws even if nothing was breached?
- Can a US company store records in the EU, or do data localization and cross-border transfer rules block it?
- Can executives or board members be held personally liable for information governance failures?
- Can information governance help reduce cloud storage costs, and how?