top of page

Compliance Governance & Oversight Council (CGOC) Process Maturity Model

As noted in last night's tip, the EDRM's Information Governance Reference Model is based in part on the Compliance Govermance & Oversight Council's (CGOC) Process Maturity Model. This model can be found in CGOC's Information Governance Benchmark Report in Global 1000 Companies . One of the founder's of the EDRM, George Socha, helped to prepare the report. While this entire report goes into some depth about information governance, you can find the Process Maturity Model on page 22.

The model lists different actions to be taken at four levels for 13 different processes in three areas.

Legal Holds (Scope Custodians; Scope Information; Publish; Interview Custodians)

Collection (Workflow; Methodology; Containment; Compliance)

Records and Information Management (Establish Retention Program, Catalog Laws; Manage Departmental Information Management Procedures; Routine Disposal; Disposition Legacy Data; Information Policy Audit)

For each process the model gives a brief description of what can by done at the ad hoc level; the manual, but structured level; the semi-automated level; and the fully automated level. So for example, when reading about electronic discovery, you hear an awful lot about the need to interview custodians. But how do you exactly go about this?

Well at the semi-automated level you'd "Online/auto interviews with system follow-up, view individual and aggregated responses, auto non-response escalations, alerts for specific answers, export for O/C." and at the automated level "Individual responses propagated to collections,custodian-specific collections instructions, interview results shared with outside counsel to interview by exception."

bottom of page