In the case mentioned above, the company failed to create adequate policies for the preservation of evidence related to litigation, and as a result, the jury was specifically instructed about its wrongdoing. There have been countless other cases where organizations paid a price simply because they did not invest the time and money required to create a set of policies and procedures adequate to address their Information Management needs. Policies and procedures don't need to be complex—in fact, often the simpler they are, the better.

Policies and procedures are the management tools that an organization uses to codify and communicate its approach to Information Management. They serve a variety of legal, compliance, operational, and business purposes. And, in the context of IMC, they provide the criteria that the program itself must comply with.

Policies and procedures work together to provide a two-tiered set of directives and guidelines. While policies provide a high-level articulation of an organization's position on particular issues, procedures bring ...