Discussion Information Governance

 There are several steps in Information Risks planning.  How can you utilize these steps to create a “Security Data Policy for employees storing personal data on their work computers.” Describe how you will use each step. Will you need to use all the steps, if not what steps would be eliminated and why?  

CHAPTER

Don't use plagiarized sources. Get Your Custom Essay on
Discussion Information Governance
Just from $13/Page
Order Essay

3

INFORMATION GOVERNANCE

IG Principles
ITS

8

33

Dr. Mia Simmons

Chapter Overview

■ This chapter will cover pages

2

5

– in your book.

■ This chapter will cover the

10

Key Principles of IG, which are

the Basis for IG Best Practices

2

Key Principles

■ Executive sponsorship – The sponsor must drive the effort, clear
obstacles for the IG team or committee, communicate the goals and
business objectives that the IG program addresses, and keep upper
management informed on progress

■ Information policy development and communication – Clear
policies must be established for the access and use of information, and
those policies must be communicated regularly and crisply to
employees.

■ Information integrity – This area considers the consistency of
methods used to create, retain, preserve, distribute, and track
information

– data governance – techniques and technologies to ensure quality
data.

– Information integrity means there is the assurance that
information is accurate, correct, and authentic.

3

Key Principles
■ Information organization and classification – This means

standardizing formats, categorizing all information, and semantically linking
it to related information.

– document labeling -can assist in identifying and classifying
documents. Metadata associated with documents and records must
be standardized and kept up-to-date.

■ Information security- This means securing information in its three
states: at rest, in motion, and in use. It means implementing measures to
protect information from damage, theft, or alteration by malicious outsiders
and insiders as well as non malicious (accidental) actions that may
compromise information.

– personally identifiable information (PII)

■ Information accessibility – Accessibility is vital not only in the short term
but also over time using long-term digital preservation (LTDP) techniques
when appropriate (generally if information is needed for over five years).

– Accessibility must be balanced with information security concerns.

4

Key Principles

■ Information control – Document management and report management
software must be deployed to control the access to, creation, updating, and printing

of documents and reports.

– Legal Hold Process for cases and court proceedings.

■ Information governance monitoring and auditing – To ensure that
guidelines and policies are being followed and to measure employee

compliance levels, in-formation access and use must be monitored.

– document analytics can track how many documents or reports users

access and print and how long they spend doing so

■ Stakeholder consultation – Those who work most closely to information
are the ones who best know why it is needed and how to manage it, so

business units must be consulted in IG policy development.

■ Continuous improvement – ongoing programs that must be reviewed
periodically and adjusted to account for gaps or shortcomings as well as

changes in the business environment, technology usage, or

business strategy

5

GAR Principles “The Principles”
■ ARMA International published a set of 8 Generally Accepted

Record keeping Principles

1. Accountability

2. Transparency

3. Integrity

4. Protection.

5. Compliance.

6

. Availability.

7. Retention.

8. Disposition.

6

7

The Generally Accepted Recordkeeping Principles maturity model measures

record keeping maturity in five levels

Methods of Disposition
■ Discard.

– The standard destruction method for nonconfidential records. If
possible, all records should be shredded prior to recycling. Note that
transitory records can also be shredded.

■ Shred.

– Confidential and sensitive records should be processed under strict
security. This may be accomplished internally or by secure on-site
shredding by a third party vendor who provides certificates of secure
destruction. The shredded material is then recycled.

■ Archive.

– This designation is for records requiring long-term or permanent
preservation. Records of enduring legal, fiscal, administrative, or
historical value are retained.

■ Imaging.

– Physical records converted to digital images, after which the original
paper documents are destroyed.

■ Purge.

– This special designation is for data, documents, or records sets that
need to be purged by removing material based on specified criteria.
This often ap-plies to structure records in databases and applications

8

Improvement Areas

9

Chapter Summary

10

Information Governance

Chapter 3

Complete Week 2 Objectives

Calculator

Calculate the price of your paper

Total price:$26
Our features

We've got everything to become your favourite writing service

Need a better grade?
We've got you covered.

Order your paper