Article

From intention to strategy:

Building an information governance plan that fits your firm

1448x853 - Hero (case study)-2
Group 117 Risk to readiness: Article 2
In this article, Antony Wells explores the why building a strong governance plan before executing strategies benefits law firms.
 
This article also explores the positive aspects of having strong data and solid information governance when realising AI ambitions for legal firms. 

Across Australian law firms, there is broad agreement that information governance matters. Partners understand the risks associated with uncontrolled data growth. IT leaders see the operational strain of storage sprawl and inconsistent retention. Risk teams are aware of increasing scrutiny from clients and regulators. And executive management knows that AI ambitions cannot be realised on top of unmanaged information.

Yet despite this awareness, many firms remain in a holding pattern.

Policies exist. Conversations happen. Committees meet. But progress stalls between intention and execution.

The problem is rarely a lack of commitment. It is usually a lack of a strategy that feels achievable.

 

Why governance strategies stall

 

In mid-sized and even larger Australian firms, governance initiatives often falter for predictable reasons:

    • They feel too large to tackle in one piece.
    • Ownership is unclear.
    • The work competes with billable priorities.
    • The proposed “end state” seems disconnected from current reality.
    • There is concern about disruption.

Governance quickly becomes framed as a transformation programme rather than an operational discipline. That framing alone can be enough to delay action.

The firms that make progress approach governance differently. They do not attempt to design a perfect future-state model. They design a practical plan that reflects how their firm actually operates.

 

Start with maturity, not ambition

 

The first step in building a workable information governance strategy is understanding your starting point.

Where is information stored?
How consistent are retention practices?
Who owns disposal decisions?
What evidence could you provide today if a major client requested assurance?
How exposed are you to a large-scale discovery exercise?

For many firms, the answers reveal uneven maturity rather than total absence of governance. Some practice groups may operate with discipline; others may rely heavily on individual behaviour. Email retention may differ from document management practices. Legacy repositories may remain largely untouched.

A realistic strategy acknowledges these inconsistencies and prioritises them.

Rather than aiming for “complete governance maturity,” firms should identify:

    • Areas of highest legal and regulatory risk
    • Areas of greatest cost exposure
    • Areas most likely to be scrutinised by clients
    • Areas critical to AI readiness

This approach reduces overwhelm and creates momentum.

Designing a phased approach

 

Australian firms operate in a competitive and regulated environment. The Privacy Act, evolving data breach expectations, increasing client due diligence, and sector-specific obligations (including APRA requirements for some clients) all contribute to governance pressure.

However, responding to all of this at once is unrealistic.

A phased strategy typically follows a sequence such as:

sat around meeting table

Strategy must reflect operating reality

 

A common mistake is borrowing governance models from global firms without considering structural differences.

Mid-sized Australian firms often operate with leaner operational teams. Governance cannot rely on large compliance departments or standalone governance officers. Instead, it must operate through shared responsibility.

That means:

  • IT supports technical execution.

  • Records teams guide retention logic.

  • Risk teams align policy to regulatory obligations.

  • Practice management reinforces behavioural consistency.

A strategy that assumes new headcount is rarely approved. A strategy that redistributes clarity and accountability is far more realistic.

 

Align governance to business priorities

 

Governance strategies succeed when they are connected to immediate business objectives.

For some firms, that priority may be cost control. Storage growth and cloud migration expenses are tangible pressures. Reducing data volumes through disciplined retention can produce measurable savings.

For others, client assurance is the driver. Increasingly, Australian and international clients expect evidence of data management discipline. Being able to demonstrate structured governance can strengthen competitive positioning.

For firms investing in AI, governance becomes foundational. AI systems are only as reliable as the data they draw from. Poor data quality undermines innovation.

By explicitly aligning governance phases to these priorities, the strategy becomes commercially relevant rather than compliance-driven.

 

Avoid the “Big Bang” trap

 

There is a temptation to launch governance initiatives as large, highly visible programmes. This can create short-term attention but long-term fatigue.

Instead, governance should be embedded incrementally. Early wins — such as reducing a legacy archive or implementing consistent retention in a high-risk area — build credibility.

Success becomes cumulative.

 

Make strategy measurable

 

An effective governance strategy includes metrics from the outset. These might include:

    • Reduction in total data volume
    • Percentage of repositories aligned to retention policy
    • Time to respond to information requests
    • Audit findings and remediation timelines
    • Disposal volumes over defined periods

Measurement transforms governance from aspiration into management discipline.

From intention to action

 

The shift from intention to strategy is not about complexity. It is about structure.

Australian firms do not need theoretical frameworks or external benchmarks to begin. They need:

    • Clear visibility into current information holdings
    • Defined governance priorities
    • Phased, realistic sequencing
    • Shared ownership
    • Measurable outcomes

When governance strategy is grounded in operational reality and aligned to firm priorities, it becomes deliverable.

And once strategy becomes deliverable, execution becomes possible.

Read the other articles in this series by clicking the button below.

Risk-to-readiness series

About the author

 

Antony Wells is a seasoned professional committed to helping organisations optimise their information management responsibilities. In his role as Commercial Director, EMEA at LegalRM, Antony leads initiatives aimed at enhancing firms' information governance strategies, with a keen focus on compliance, risk mitigation, and cost reduction.

Before joining LegalRM, Antony amassed invaluable experience guiding firms in selecting and implementing document management solutions, throughout the legal and professional services market.

To get in touch with Antony to discuss how we could help you with your information governance strategy connect on Linkedin.

Originally published in Australia.