© May not be reproduced without permission of Financial Ombudsman Service Ltd 1 what is “information risk” and what should we be doing about it? Christina.

Slides:



Advertisements
Similar presentations
Conducting your own Data Life Cycle Audit
Advertisements

TWO STEP EQUATIONS 1. SOLVE FOR X 2. DO THE ADDITION STEP FIRST
Planning Reports and Proposals
The Principal Financial Group High-level Site Audit.
Slide 1 Insert your own content. Slide 2 Insert your own content.
Chapter 24 Quality Management.
1 Chapter 40 - Physiology and Pathophysiology of Diuretic Action Copyright © 2013 Elsevier Inc. All rights reserved.
1 of 13 Organization and Management Information Management in Your Organization IMARK Investing in Information for Development Organization and Management.
1 of 21 Information Strategy Developing an Information Strategy © FAO 2005 IMARK Investing in Information for Development Information Strategy Developing.
1 of 19 How to invest in Information for Development An Introduction IMARK How to invest in Information for Development An Introduction © FAO 2005.
1 of 18 Information Access Introduction to Information Access © FAO 2005 IMARK Investing in Information for Development Information Access Introduction.
Ashutosh Pednekar, FCA, CISA, ISA (ICA), LLB (Gen), B.Com. Partner, M P Chitale & Co. November 6, 2007 IRDA – ICAI Round Table Meeting on Insurance Industry.
September 2013 ASTM Officers Training Workshop September 2013 ASTM Officers Training Workshop Strategic Planning & New Activity Development September 2013.
THE CERTIFYING AUTHORITY
The Managing Authority –Keystone of the Control System
The Copyright Hub Licences for Europe Working Group 2 – UGC and Small scale users 7 March 2013 Dr Ros Lynch Director, Copyright Licensing Coordination.
0 - 0.
SUBTRACTING INTEGERS 1. CHANGE THE SUBTRACTION SIGN TO ADDITION
MULT. INTEGERS 1. IF THE SIGNS ARE THE SAME THE ANSWER IS POSITIVE 2. IF THE SIGNS ARE DIFFERENT THE ANSWER IS NEGATIVE.
Teacher Name Class / Subject Date A:B: Write an answer here #1 Write your question Here C:D: Write an answer here.
Addition Facts
Preventing Infringement of Intellectual Property (IP) Rights in the Workplace Awareness raising to how to prevent infringement within [business name] September.
Introduction into files and folders (directory). 2 Learning Outcome Develop file management strategies Explore files and folders Create, name, copy, move,
1 Portals – an institutional imperative Paisleys portal production process Tony Shaw, Anne Strachan Network and Information Systems Management University.
Project Appraisal Module 5 Session 6.
Tel Marketing and Profile-raising through blogging Christine Goodair, BA MCLIP CIG Workshop 8 th June 2007.
Preserving and Sharing Digital Data Greg Colati, Director, Archives and Special Collections May 11, 2012.
Nigel Curry Helices Consulting Ltd Rethinking Construction and Centre for Construction Innovation.
A brief for top management Prepared by the Institute of Quality Assurance Integrated Management Special Interest Group Future management is integrated.
Effectively applying ISO9001:2000 clauses 6 and 7.
“The Honeywell Web-based Corrective Action Solution”
5.9 + = 10 a)3.6 b)4.1 c)5.3 Question 1: Good Answer!! Well Done!! = 10 Question 1:
2 1.Client protection principles 2.Principle #6 in practice 3.The client perspective 4.Participant feedback 5.Tools for improving practice 6.Conclusion.
Determining the Significant Aspects
Why Security? A Commitment for [the Agency’s] Executives [CIO’s name] EC Presentation [date]
Digital Futures International Forum - Tuesday 18th September 1 Digital Futures International Forum The Digitisation Standard: Back & Forth Stephen Clarke.
Take from Ten First Subtraction Strategy -9 Click on a number below to go directly to that type of subtraction problems
1 Functional Strategy – IS & IT Geoff Leese November 2006, revised July 2007, September 2008, August 2009.
Strategic Financial Management 9 February 2012
2 3 There are two basic areas where there is a need to have resources available. Internal:  Financial  Personnel  Assets  Time External  Consultants.
Past Tense Probe. Past Tense Probe Past Tense Probe – Practice 1.
1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.
Addition 1’s to 20.
© 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice HP TRIM HP Information Management.
1 A risk-based approach to auditing procurement in English councils Mark Wardman Senior Manager Audit Commission 19 May 2014.
Test B, 100 Subtraction Facts
1 Budgets and Budgetary Control Prepared and Presented By Gladstone K. Hlalakuhle.
11 = This is the fact family. You say: 8+3=11 and 3+8=11
Don’t Lose the Lettuce Cash Handling Procedures Cash Handling Procedures “Don’t Lose the Lettuce” Pepperdine University Cashier’s.
Week 1.
Chapter Ten Marketing Communications and Customer Response.
GRS Transmittal 23 GRS Team Records Management Services Office of the Chief Records Officer.
International Opportunities
Operations Management: Financial Dimensions
1 Ke – Kitchen Elements Newport Ave. – Lot 13 Bethesda, MD.
20-1 Retail Mgt. 11e (c) 2010 Pearson Education, Inc. publishing as Prentice Hall Integrating and Controlling the Retail Strategy RETAIL MANAGEMENT: A.
Strand 2 Supporting Providers to Engage with Employers Commissioned and funded byOrganised by.
Slide 1 of 16 An Overview of Legal Issues Relating to BCE and pointers to specific legal resources Supporting Professional Development for Engagement:
Chapter 14 Fraud Risk Assessment.
INFORMÁCIÓMENEDZSMENT CILIP irányelvek szervezetek számára 2014.
Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Effectively applying ISO9001:2000 clauses 5 and 8
Recordkeeping for Good Governance Toolkit Digital Recordkeeping Guidance Funafuti, Tuvalu – June 2013.
The Government Recordkeeping Survey 2008 Natalie Dewson, Senior Advisor, Government Recordkeeping Programme, Archives New Zealand.
Public Protection Service 2008/9 Charter Mark and Electronic Data Management System (EDMS) Improve performance and efficiency together with improving customer.
SCHOOLS FINANCE OFFICERS MEETINGS Records Management, “Paper-Lite” Environments and Procedures when a school closes Elizabeth Barber.
University Information Audit 2014
Rich Grudman Program Administrator 10/9/08
Outlook and Shared Drives
Why do we need to keep records
Presentation transcript:

© May not be reproduced without permission of Financial Ombudsman Service Ltd 1 what is “information risk” and what should we be doing about it? Christina Somovilla & Aynsley Taylor

© May not be reproduced without permission of Financial Ombudsman Service Ltd 2 the Financial Ombudsman Service  established by the Financial Services and Markets Act 2000  funded by the financial services industry  complaints about regulated financial services and products  can be brought by individuals and some small businesses  we are now around ten times the size we were at the beginning  started out in one building, we now occupy four

© May not be reproduced without permission of Financial Ombudsman Service Ltd 3 the Financial Ombudsman Service

© May not be reproduced without permission of Financial Ombudsman Service Ltd 4 the big issues  41% of organizations are not confident that their electronic information is “accurate, accessible, and trustworthy” AIIM Research, 2013  government and third sector lose £29bn a year through poor information management EDM group research, 2013

© May not be reproduced without permission of Financial Ombudsman Service Ltd 5 In the public imagination

© May not be reproduced without permission of Financial Ombudsman Service Ltd 6 defining “information risk”  understanding information as a key business asset  what value do we give it?  how does it compare to other business assets?

© May not be reproduced without permission of Financial Ombudsman Service Ltd 7 what are the risks?  two types of loss  failing to exploit what we have  not understanding its value  not understanding its nature

© May not be reproduced without permission of Financial Ombudsman Service Ltd 8 internal and external  our website  sharing directly with other organisations   publishing our decisions  our case-handling system  shared drives   intranet

© May not be reproduced without permission of Financial Ombudsman Service Ltd 9 analogue and digital  old wine in new bottles?  applying methodology to all media and formats  changing expectations of staff and customers  opportunities from digitising content

© May not be reproduced without permission of Financial Ombudsman Service Ltd 10 what we are doing There are 3 separate strands of work:  information security  information rights  information management…

© May not be reproduced without permission of Financial Ombudsman Service Ltd 11 what we are doing: information management  Aims  Find information quickly and easily  Know what information we’ve got and where it is stored  Sharing information appropriately  Reduce the volumes of information we hold

© May not be reproduced without permission of Financial Ombudsman Service Ltd 12 what we are doing: information management  Shared drive – what we had:  Unstructured information  Difficult to find information  Out of date  No ownership  Lots of duplication  Lots of personal data  Silos of information  No formal permission process

© May not be reproduced without permission of Financial Ombudsman Service Ltd 13 what we are doing: information management  Shared drive – what we did  Audit  File plan  Retention schedules  Access control  Local records officers  Shared spaces  Awareness raising  Monitoring

© May not be reproduced without permission of Financial Ombudsman Service Ltd 14 what we are doing: information management  Unfinished job!  Expansion = less control  Review of file plan  Surfacing “lost” information  More collaborative workspaces needed

© May not be reproduced without permission of Financial Ombudsman Service Ltd 15 what we want to do “information risk management”  evaluate information  identify risks  consider likelihood  consider impact  appropriate and proportionate action

© May not be reproduced without permission of Financial Ombudsman Service Ltd 16 what we want to do  information architecture  community of practice  join up with other projects and programmes  cultural change

© May not be reproduced without permission of Financial Ombudsman Service Ltd 17 Q&A

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.