Ten Basic Principles

These ten principles was included in the Handbook for Information Policy, that I wrote for the US DoD in 1999. They are equally relevant today and they focus on governing data and information as vital resources/assets:

1. Data/Information Principle - Data and Information are invaluable resources that should be managed and shared across organizational boundaries. This principle reduces barriers between functional business areas, between partners, allies, individuals, disciplines and organizations. Shared information must be secured and privacy protected while making it available to those who need it to do their job.


2. Management Principle - Managing information is a fundamental and individual responsibility, which cannot be delegated. Executive leadership and involvement is critical to the success of information management.
   
3. Standards Principle - Information should have standardized structures and representations. Standard content (name, classes and definitions), context (business rules) and various types of associations will simplify interoperability, usage, quality and safety.
   
4. People Principle - Information empowers people. Government workers can do their jobs better and citizens can participate in our democracy more effectively with good information.
   
5. Electronic Principle - Information resources/assets are created, stored and maintained in electronic form. Redundant information resources will be avoided (prepared/created once and used many times).


6. International Principle - Information is an international resource/asset. This principle allows us to create new avenues for cooperation, due to the fact that our problems are shared with all other nations. We share the same technical, legal and security problems and barriers.


7. Lifecycle Principle - Information Resources/Assets will be maintained and made available for all appropriate processes and applications throughout its lifecycle (which can be much longer than the object it describes). The information will therefore be the stabilizing factor to support and facilitate flexible changes into business processes and information technology.


8. Independence Principle - Mission applications are independent of the data repository process, providing a modular environment that permits rapid business processes change. Information resources/assets must therefore be managed separately from stovepipe, proprietary and short lifecycle applications (this was written before SOA was defined).


9. Security Principle - Define and assign access levels and implement safeguards can be made to avoid unauthorized disclosure, contamination or destruction through inadvertent mistakes. The information resources/assets shall enable levels of accessibility, assure integrity, and give timely availability in a distributed environment.


10. Quality Principle - Reliable, accurate, timely and understandable data brings trust and authority. Data quality is primarily achieved during preparation of data instead of through detection and correction.

Information Management Precepts

Information management will focus on development and modernization of policy in accordance the following precepts:

• Information is created once, updated and universally available to authorized users throughout the product life cycle.


• In the shared data environment, sharing or reuse of existing data is the norm. Source Data is prepared or acquired one time. Data models and associated business rules ensure consistency of structure and content and a common understanding of the data. Commercial and international standards shall be applied.


• Information is managed as an asset. - The notion of data as being owned by a particular individual, organization, or information system has given way to a new view. Data is now perceived as a valuable asset, to be treated as other enterprise assets. Principles must be established, policies implemented, and strategies developed for the management of data. The best policies, plans, data architecture, and strategies are of no benefit, however, unless responsibility and accountability for the data are assigned.


• Information assurance. Access to information and the aggregation of information is governed by the strict adherence to protocols, which provide assurance and mitigate the potential for contamination and compromise of information.


• Enable electronic business. The capability to efficiently transact and conduct business partnerships with industry is dependent upon the availability and agreed use of interface standards, which facilitate the electronic communications and data sharing. Commercial and international standards will be applied.


• Extend the integrated data environment, developed during initial acquisition, throughout the life cycle. This will enable efficient data distribution and data sharing as well as concurrent accomplishment of tasks throughout the life cycle. The success of working across functional boundaries will be reflected in cost savings resulting from successful data sharing projects and from reuse of data made visible to the user community via a shared information infrastructure.


• Metrics and incentives for life cycle behavior will be in place.