I would first recommend that you itemize and classify all “types” of Data and Information. For example:
- Internal Databases
- External Databases
- Data Feeds Into the Enterprise (i.e. from External Data Sources)
- Data Feeds Leaving the Enterprise (i.e. to External Data Targets)
- Laptop Storage
- Desktop Storage
- Server Storage
- Mainframe Storage
- Internet Data
- Extranet Data
- Intranet Data
- Marketing/Communications Data & Information
- Support/Service Data & Information
The list can be long. However, starting with the list will help you go after each line item, individually, and show measured progress as you develop a plan and set of policies for each.
I hope this helps.