EDRM updates information governance model for AI and privacy era

EDRM has released IGRM v4.1, its first major update to the Information Governance Reference Model since 2012, to help organizations manage information value, risk, and compliance across business, legal, IT, security, privacy, and records functions. The revision adds guidance for unified governance and AI-era data governance, and it will inform the upcoming EDRM 2.0 revision. Why it matters: - Organizations are facing tighter pressure to balance the value, risk, and cost of information across its full lifecycle. - EDRM says the revised model is meant to help enterprises make defensible decisions as AI, privacy, and cross-functional governance needs grow more complex. - The update also positions information governance as a foundation for the next revision of EDRM 2.0. What happened: - EDRM released Information Governance Reference Model version 4.1 on June 18, 2026. - The release marks the first major revision to the IGRM since 2012. - The model is designed as an intellectual framework for integrating policy and process across information stakeholders. - The stakeholder groups include business leaders, IT, security, records and information management, legal counsel, risk professionals, and privacy professionals. - Eric Mandel, IGRM Project Trustee and director of global advisory services at KLDiscovery Ontrack, said the revision was a collaborative effort by practitioners. - David R. Cohen, CEO of ATJustice and chair of EDRM’s Board of Project Trustees, said information governance is increasingly important in the era of AI. - Mary Mack, EDRM CEO and chief legal technologist, said the model is intended to support collaboration and enterprise-wide alignment. The details: - IGRM v4.1 offers guidance on policies and processes that integrate stakeholder perspectives and align competing priorities. - The model covers information decisions from creation through disposal. - The revision emphasizes a perpetual policy-process cycle, where governance changes through ongoing interaction between policy development and real-world implementation. - Key enhancements include expanded guidance on unified governance structures. - The update adds clearer articulation of stakeholder viewpoints and interdependencies. - The model provides a clearer framework for balancing value and risk. - EDRM says the guidance includes practical strategies for operationalizing information governance at enterprise scale. - The revision reflects lessons learned from organizations worldwide. - The model addresses the intersection of information governance and data governance in AI-driven business decisions. - EDRM listed the project contributors as Matthew Bernstein, David R. Cohen, Robert Daniel, Tara Emory, Kyle Goyette, Ronald Hyams, Doug Kaminski, Brenda Kramer, Paul Mullon, Rebecca Perry, Eric M. Robinson, and Eric Sedwick. - The IGRM 4.1 User Guidelines are available for download. Between the lines: - The update suggests EDRM sees governance as a shared operating model, not a siloed compliance function. - The timing points to a broader shift in which AI and data governance are becoming inseparable from records, legal, privacy, and security planning. - By tying IGRM v4.1 to EDRM 2.0, EDRM is signaling that the new framework may shape its broader standards work. What’s next: - EDRM says IGRM v4.1 will serve as the foundation for the upcoming revision to EDRM 2.0. - The organization invites organizations and users to access its resources and contact info@edrm.net for more information. - EDRM continues to position the model as a reference point for teaching and implementing information governance across enterprises. The bottom line: - EDRM is updating its core information governance framework for an AI-driven, privacy-sensitive environment, with a stronger emphasis on unified decision-making across the enterprise.