This isn’t about information as such, but more about compliance and third parties.
Regulators of offshore drilling have normally looked solely to the oil & gas leaseholder (e.g., Shell, BP, or ExxonMobil) with regard to safety, rather than going one step further and directly reaching the contractors of the leaseholder (e.g., Halliburton, Schlumberger) or their subcontractors (e.g., Bubba’s Offshore Services). But in 2011 the Bureau of Safety and Environmental Enforcement (part of the Department of the Interior) starting looking at contractors, too0, holding both the leaseholder and the contractor liable for violations. OSHA’s enforcement authority is problematic offshore; there are difficult issues of jurisdiction and transportation between OSHA (the Department of Labor agency that normally investigates workplace deaths) and the US Coast Guard.
So, when a Filipino welder falls from an offshore platform and dies, Offshore Specialty Fabricators (who employed the welder) is being investigated, along with Energy Resource Technology ( a subsidiary of Talos Energy), who owns the platform and who contracted with Offshore for some dismantling work.
“More scrutiny for offshore work,” Houston Chronicle, November 3, 2013, D3 http://bit.ly/1aWbhVZ
What does this have to do with information governance/management? If you give your information to a contractor, does (s)he in turn give it to a subcontractor? Do the contractor and subcontractor both follow your controls on information management? How do you know? Is a paragraph in the contractor cover it all? What’s the risk?
I also think that today information governance/management occupies the same space in the minds of management as safety and environmental issues did fifty years ago.