Skip Ribbon Commands
Skip to main content

Information Governance is a Risk Management Function

27/05/2019


Good information governance practices add value across so many risk reduction vectors that it’s no longer possible for smart organizations to ignore. Success in the growing global economy – where data crosses borders, litigation and investigations cross jurisdictions and corporate information is under frequent threat of data breaches and targeted hacks – will require more information governance to ensure organizations make the best business decisions possible.

Open to Information, Open to Threats

The growing variety of information sources and increased velocity and volume of data flowing within organizations has required firms to enable their information systems to handle the influx of data. But it’s important to consider the trade-off: Opening systems to a larger number of entry points exposes greater risks and makes security the weak link.

Increasingly Sophisticated Breach Tactics

Data breaches are on the rise, especially with the leak of the NSA hacking tools. This makes more organizations susceptible to security threats, which we’ve recently witnessed with the WannaCry and Petya virus attacks. Not only do organizations need to improve their perimeter security, but also that of their internal data – including redundancy, archives and backup.

Data Privacy a Growing Concern

Data privacy is a historically overlooked component of information governance. However, organizations need to be more diligent about incorporating privacy into the their information security and governance processes – especially with breaches growing and new legislation being enacted around the globe. News reports are increasingly focused on the violation of personal privacy as a result of these reported attacks, but the organization’s reputational risk is not the only concern. Data privacy also affects the interests of customers, employees and other stakeholders.

The European Union's General Data Protection Regulation (GDPR) – currently the world’s most comprehensive privacy regulation – took effect in May 2018. With potential impacts to organizations anywhere in the world who collect and store information on EU citizens, the GDPR is forcing organizations to look at data privacy in a new light. Anyone without a solid information governance framework will struggle to comply with the GDPR, increasing their risk.

Clients are Watching Your Next Move

Robust information governance frameworks (including data privacy) are necessary to compete in the global marketplace and to ensure appropriate protection for clients and customer data. How does your organization stack up?

Tomorrow’s technology is shaping business today. To learn more about how MNP can help you optimize your information management practices to reduce cyber security risks, contact John Desborough, Director Consulting and Technology Solutions at [email protected]