I would first recommend that you itemize and classify all “types” of Data and Information. For example:
– Internal Databases
– External Databases
– Data Feeds Into the Enterprise (i.e. from External Data Sources)
– Data Feeds Leaving the Enterprise (i.e. to External Data Targets)
– Laptop Storage
– Desktop Storage
– Server Storage
– Mainframe Storage
– Internet Data
– Extranet Data
– Intranet Data
– Marketing/Communications Data & Information
– Support/Service Data & Information
The list can be long. However, starting with the list will help you go after each line item, individually, and show measured progress as you develop a plan and set of policies for each.
I hope this helps.