Why Information Governance….instead of Records & Information Management? Angela Fares, RHIA, CRM, CISA, CGEIT, CRISC, CISM 817.352.4929 or

Slides:



Advertisements
Similar presentations
The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
Advertisements

Fe Angela M. Verzosa1 Effective Records Management.
The Impact of Auditing on Records Management Risk and Compliance Susan B. Whitmire, CRM, FAI Manager, Enterprise Records and Information Management BlueCross.
What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.
Records Management for UW-Madison Employees – An Introduction UW-Madison Records Management UW-Archives & Records Management 2012 Photo courtesy of University.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco Confidential 14854_10_2008_c1 1 Holistic Approach to Information Security Greg Carter, Cisco Security.
Security Controls – What Works
Developing a Records & Information Retention & Disposition Program:
August 9, 2005UCCSC Converting Policy to Reality Building Campus Security Programs Karl Heins -- Director of IT Audit Services Office of the University.
1 © Copyright 2008 EMC Corporation. All rights reserved. Litigation Response Planning: eDiscovery Best Practices Stephen O’Leary Sr. eDiscovery and Compliance.
Welcome! Records Management July 21, Good Management of Records Serve as evidence of relationship between City and its citizens Document current.
Achieving our mission Presented to Line Staff. INTERNAL CONTROLS What are they?
The Role of Risk Management and Assurance in Effective Organizational Governance Urton Anderson The University of Texas at Austin.
Department of Commerce Records Management Training.
Created May 2, Division of Public Health Managing Records What is a Record? What is a Records Retention & Disposition Schedule? Why is this Important?
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
The Principles: How we incorporated them into our Business Process by Lawrie Barroner.
Why Records Management
Internal Auditing and Outsourcing
Project Human Resource Management
U.S. Department of the Interior U.S. Geological Survey USGS Records Management Program: Initiatives, Opportunities, and Assistance Administration and Enterprise.
By Helen Streck President/CEO Kaizen InfoSource LLC Litigation Readiness: Information Manager’s Role.
Social Media Jeevan Kaur, Michael Mai, Jing Jiang.
Local records in the corporate retention schedule - are they in or out? Business Archives Council 10 November 2011.
Electronic Records Management: What Management Needs to Know May 2009.
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
1 Comp7780 Update  Why?  What?  How? What have you learnt? Comp
BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Global Program Management Dawn Davis, SVP Global Records Management.
Lecture #9 Project Quality Management Quality Processes- Quality Assurance and Quality Control Ghazala Amin.
Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.
Establishing A Compliance Program: It Makes Sense
© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.
STORAGE MANAGEMENT/ EXECUTIVE: Managing a Compliant Infrastructure Processes and Procedures Mike Casey Principal Analyst Contoural Inc.
1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.
Roles and Responsibilities
Implementing and Auditing Ethics Programs
Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.
Marco Nasca Senior Director, Client Solutions TRANSFORMING DISCOVERY THROUGH DATA MANAGEMENT.
Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Serving the Public. Regulating the Profession.. A Strategic Plan is not an ends… …but rather a means 2.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 7 Database Auditing Models.
Privacy Project Framework & Structure HIPAA Summit Brent Saunders
CRM Prep Workshop Part 4 Records Appraisal, Retention, Protection and Disposition.
ILTA – Insight 2007 E-Disclosure --Preparing for Compliance-- Moderator: Sally Gonzalez, Director, Navigant Consulting, Inc. Panelists: Oz Benamram, Director.
The Value Driven Approach
Data Governance 101. Agenda  Purpose  Presentation (Elijah J. Bell) Data Governance Data Policy Security Privacy Contracts  FERPA—The Law  Q & A.
Jeff Miller Tamra Pawloski IT Procurement Summit headline news…
The Direction of Information Security and Privacy in State Government Presented by Colleen Pedroza Chief Information Security Officer California State.
DATA IT Senate Data Governance Membership IT Senate Data Governance Committee Membership Annie Burgad, Senior Programmer, Central IT Julie Cannon, Director.
1 1 Building RIM Programs Chattanooga Chapter of ARMA International by Helen Streck President and CEO Kaizen InfoSource LLC.
Generally Accepted Recordkeeping Principles Generally Accepted Recordkeeping Principles ® Registered Trademark of ARMA International.
Information Security Office: Function, Alignment in the Organization, Goals, and Objectives Presentation to Sacramento PMO March 2011 Kevin Dickey.
INFORMATION ASSURANCE POLICY. Information Assurance Information operations that protect and defend information and information systems by ensuring their.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
Information Governance: A Grassroots Success Story
Leveraging the Data Map – A Case Study November 15, 2016
CPA Gilberto Rivera, VP Compliance and Operational Risk
Data Minimization Framework
Microsoft 365 Get help with regulatory compliance
eDiscovery & Information Governance Think Tank
San Francisco IIA Fall Seminar
I have many checklists: how do I get started with cyber security?
Privacy Project Framework & Structure
RECORDS AND INFORMATION
The General Data Protection Regulation: Are You Ready?
Managing IT Risk in a digital Transformation AGE
Data Governance & Management Skills and Experience
IUC Records Retention Tool: Zasio’s Versatile Retention
Presentation transcript:

Why Information Governance….instead of Records & Information Management? Angela Fares, RHIA, CRM, CISA, CGEIT, CRISC, CISM or May 12, 2015

Why Information Governance?  Explosive growth of information outside of traditional records and information management venues.  Challenges to maintenance of data integrity, availability, and data control in the face of massive volumes of data.  Technology advances that have culturally changed how we create, capture, use, retrieve, and manage records.  Regulatory requirements that require new measures of security and protection of information.  Regulatory requirements that require production of data rather than just records (information that is not a distinct physical document.

What is Information Governance? “Security, control, and optimization of information” Robert Smallwood “Information governance is the activities and technologies that organizations employ to maximize the value of their information while minimizing associated risks and costs.” Information Governance Initiative “Comprehensive, holistic approach to information management that manages information throughout its lifecycle.” Penny Quirk

Benefits  Retention of information in compliance with regulations, operating needs, and legal hold requirements.  Systematic disposition of information when it has no further legal or business value  Improved access to and preservation of needed information for both business and legal purposes.  Protection of private and sensitive information requiring heightened security controls and oversight.  Overall contribution to the mission and vision of an organization.

Key Components: Information Governance Steering Committee  Executive Leadership  Inclusive Representation  Working Teams  Information Stewards/Coordinators

Key Components: Information Governance Policy  Scope  Purpose  Objectives  Responsibilities  Standards

Key Components: Information Mapping  Retention Schedule  Discovery Data Maps  Application Profiles  Information Security and Data Classification Inventories  Privacy Data Flows  Historical Records Preservation  Vital Records Protection  Definitions

Key Components: Information Governance Strategy  Creating a common language of definitions  Process for management of physical records  Process for management of structured databases  Process for management of unstructured content: , collaborative environments, information shares, etc.  Process for risk-based assessments that are aligned with corporate goals and strategies

Key Components: Privacy and Security  Privacy Policy and Program  Data Loss Prevention  Data Minimization  Information Storage Program  Breach Response Program

Key Components Employee Training & Compliance  New employees  Existing employees  Contractors  Third Parties

Key Components: Discovery Readiness Program  Ensure that the discovery process is managed, executed, and documented in a repeatable and defensible manner.  Establish and communicate roles and responsibilities of each member of the discovery readiness team.  Comply with applicable state and federal laws as well as “best practice” guidelines and recommendations pertaining to discovery.  Reasonably respond to regulatory inquiries, discovery requests, and subpoenas in an efficient, effective, and fiscally responsible way.

Key Components: Measure and Adjust  Risk Assessments  Follow-Up  Monitoring  Controlled Self Assessments  Change Control  Project Team Participation

Key Components: Success Metrics!  Number of employees that complete training on privacy and information management.  Identification and elimination of duplicate, unstructured content on file shares using file analysis software.  Elimination of orphaned content from decommissioned systems, terminated employees, and abandoned projects.  Successful completion of intrusion detection, data leakage, or vulnerability testing.  Employees trained on information privacy, management, and security.  Successful defense against cyber attacks.  Reduced costs for discovery.  Reduction of storage space consumed.

Information Governance: A New Program

Future Challenges  Culture  Poor data quality  Cost  Risk  Privacy

Future Roles  Data Stewards  Information Governance Professionals  Project Managers  Business Analysts  Business Process Engineers  Information Analysts  Information Security Officers and Privacy Officers  Information Technology Auditors  Compliance or Information Officers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.