What is information governance?
Information governance (IG) is the overarching framework of policies, roles, accountability, and controls through which an organization manages all of its information — treating information both as a strategic asset to be used and as a liability to be controlled.
Broader than records management
Records management focuses on records specifically: capturing, retaining, and disposing of the recorded information an organization must keep as evidence. Information governance is broader. It unites several functions that are often run in silos:
- Records and information management
- Privacy and data protection
- Information security
- Data management and analytics
- E-discovery and litigation readiness
- Regulatory compliance
Where records management asks “how do we manage this record?”, IG asks “how does the whole organization make consistent, accountable decisions about its information so that those functions reinforce rather than contradict one another?”
The core elements
A working information governance program generally includes:
- Policy — clear, organization-wide rules for how information is created, used, retained, protected, and disposed of.
- Accountability — defined ownership, often a cross-functional governance body with executive sponsorship, so decisions stick.
- Defensible retention and disposition — keeping information as long as required and no longer.
- Privacy and security controls matched to the sensitivity of the data.
- E-discovery readiness — the ability to find and produce relevant information when litigation arises.
Frameworks such as the Information Governance Reference Model (IGRM) map how these pieces relate.
Why organizations invest in it
The drivers are practical: the sheer volume of information, the cost of storing and securing it, expanding privacy regulation, and the risk of holding data longer than necessary have all pushed governance to the executive level. Crucially, IG reframes disposing of unneeded information as a benefit rather than a loss — less data means lower storage cost, smaller breach exposure, and less burden in discovery.
In short, records management is a pillar within information governance. Building the broader framework ensures recordkeeping, privacy, security, and legal obligations all pull in the same direction. See the information governance hub for more.
Sources & further reading
Authoritative government and non-profit references.
- The Sedona Conference — Commentary on Information Governance — The Sedona Conference
How to cite this page
APA
RM University Editorial. (2026). What is information governance?. Records Management University. https://www.recordsmgmt.org/questions/what-is-information-governance/
MLA
RM University Editorial. "What is information governance?." Records Management University, 15 March 2026, www.recordsmgmt.org/questions/what-is-information-governance/.
Related questions
- Big-bucket vs item-level retention schedules: how do I choose between them?
- Can a company be penalized for keeping data too long under privacy laws even if nothing was breached?
- Can a US company store records in the EU, or do data localization and cross-border transfer rules block it?
- Can executives or board members be held personally liable for information governance failures?
- Can information governance help reduce cloud storage costs, and how?