What does an information governance committee actually do day to day?
An information governance (IG) committee is the cross-functional body that decides how an organization creates, uses, protects, and disposes of information. Its purpose is rarely glamorous, but its day-to-day work keeps records reliable, risk manageable, and compliance defensible. Most committees pull together representatives from records management, legal, IT, security, privacy, and key business units so that decisions reflect the whole enterprise rather than one silo.
Setting and Maintaining Policy
A large share of committee work is policy stewardship. Members draft, review, and update the rules that govern information across its lifecycle: retention schedules, classification standards, acceptable-use policies, and disposition procedures. They periodically revisit these documents to keep pace with new laws, new systems, and new types of records (such as collaboration messages or cloud-stored files). When a gap or conflict surfaces, the committee is where it gets resolved.
Making Operational Decisions
Beyond writing policy, the committee makes ongoing calls that individual staff cannot make alone:
- Approving new retention periods or changes to existing schedules.
- Authorizing destruction of records that have met their retention.
- Reviewing requests to keep, migrate, or decommission systems holding records.
- Issuing and lifting legal holds when litigation or investigation is anticipated.
- Weighing in on where sensitive or regulated data may be stored and shared.
Oversight, Risk, and Coordination
The committee also monitors how well policy is actually working. That means reviewing audit results, tracking compliance metrics, investigating incidents (lost records, privacy breaches, mishandled data), and recommending corrective action. It coordinates the response to access demands such as records requests, discovery, and audits, ensuring the right people and processes are engaged.
Just as important is the human side: championing training, raising awareness, and clarifying roles so employees understand their recordkeeping responsibilities. Recognized frameworks like ISO 15489 stress that effective records management depends on clear accountability and sustained oversight rather than one-time projects.
In short, an IG committee spends its time translating principles into practice: deciding what information is kept, for how long, who can touch it, and when it goes away. Much of that work is routine review and quiet coordination, but it is what makes an organization’s information trustworthy and its risk defensible.
Learn more at the information governance topic hub.
Sources & further reading
Authoritative government and non-profit references.
- ISO 15489-1 Records management — ISO
- ARMA International — ARMA International
How to cite this page
APA
RM University Editorial. (2026). What does an information governance committee actually do day to day?. Records Management University. https://www.recordsmgmt.org/questions/what-does-an-information-governance-committee-actually-do-day-to-day/
MLA
RM University Editorial. "What does an information governance committee actually do day to day?." Records Management University, 16 June 2026, www.recordsmgmt.org/questions/what-does-an-information-governance-committee-actually-do-day-to-day/.
Related questions
- Big-bucket vs item-level retention schedules: how do I choose between them?
- Can a company be penalized for keeping data too long under privacy laws even if nothing was breached?
- Can a US company store records in the EU, or do data localization and cross-border transfer rules block it?
- Can executives or board members be held personally liable for information governance failures?
- Can information governance help reduce cloud storage costs, and how?