book

Information Governance: Concepts, Strategies, and Best Practices

by Robert F. Smallwood

April 2014

Intermediate to advanced

464 pages

14h 46m

English

Wiley

Read now

Unlock full access

Defining Information GovernanceIG Is Not a Project, But an Ongoing ProgramWhy IG Is Good BusinessFailures in Information GovernanceForm IG Policies, Then Apply Technology for EnforcementNotes
Data GovernanceIT GovernanceInformation GovernanceImpact of a Successful IG ProgramSumming Up the DifferencesNotes

Accountability Is KeyGenerally Accepted Recordkeeping Principles®Assessment and Improvement RoadmapWho Should Determine IG Policies?Notes
Step 1: Survey and Determine Legal and Regulatory Applicability and RequirementsStep 2: Specify IG Requirements to Achieve ComplianceStep 3: Create a Risk ProfileStep 4: Perform Risk Analysis and AssessmentStep 5: Develop an Information Risk Mitigation PlanStep 6: Develop Metrics and Measure ResultsStep 7: Execute Your Risk Mitigation PlanStep 8: Audit the Information Risk Mitigation ProgramNotes
Crucial Executive Sponsor RoleEvolving Role of the Executive SponsorBuilding Your IG TeamAssigning IG Team Roles and ResponsibilitiesAlign Your IG Plan with Organizational Strategic PlansSurvey and Evaluate External FactorsFormulating the IG Strategic PlanNotes
A Brief Review of Generally Accepted Recordkeeping Principles®IG Reference ModelBest Practices ConsiderationsStandards ConsiderationsBenefits and Risks of StandardsKey Standards Relevant to IG EffortsMajor National and Regional ERM StandardsMaking Your Best Practices and Standards Selections to Inform Your IG FrameworkRoles and ResponsibilitiesProgram Communications and TrainingProgram Controls, Monitoring, Auditing, and EnforcementNotes
Changing Information EnvironmentCalculating Information CostsBig Data Opportunities and ChallengesFull Cost Accounting for InformationCalculating the Cost of Owning Unstructured InformationThe Path to Information ValueChallenging the CultureNew Information ModelsFuture State: What Will the IG-Enabled Organization Look Like?Moving ForwardNotes
Introduction to e-Discovery: The Revised 2006 Federal Rules of Civil Procedure Changed EverythingBig Data ImpactMore Details on the Revised FRCP RulesLandmark E-Discovery Case: Zubulake v. UBS WarburgE-Discovery TechniquesE-Discovery Reference ModelThe Intersection of IG and E-DiscoveryBuilding on Legal Hold Programs to Launch Defensible DispositionDestructive Retention of E-mailNewer Technologies That Can Assist in E-DiscoveryDefensible Disposal: The Only Real Way To Manage Terabytes and PetabytesRetention Policies and SchedulesNotes
Records Management Business RationaleWhy Is Records Management So Challenging?Benefits of Electronic Records ManagementAdditional Intangible BenefitsInventorying E-RecordsGenerally Accepted Recordkeeping Principles ®E-Records Inventory ChallengesRecords Inventory PurposesRecords Inventorying StepsEnsuring Adoption and Compliance of RM PolicyGeneral Principles of a Retention SchedulingDeveloping a Records Retention ScheduleWhy Are Retention Schedules Needed?What Records Do You Have to Schedule? Inventory and ClassificationRationale for Records GroupingsRecords Series Identification and ClassificationRetention of E-Mail RecordsHow Long Should You Keep Old E-Mails?Destructive Retention of E-MailLegal Requirements and Compliance ResearchEvent-Based Retention Scheduling for Disposition of E-RecordsPrerequisites for Event-Based DispositionFinal Disposition and Closure CriteriaRetaining Transitory RecordsImplementation of the Retention Schedule and Disposal of RecordsOngoing Maintenance of the Retention ScheduleAudit to Manage Compliance with the Retention ScheduleNotes
Data GovernanceSteps to Governing Data EffectivelyData Governance FrameworkInformation ManagementIT GovernanceIG Best Practices for Database Security and ComplianceTying It All TogetherNotes
Cyberattacks ProliferateInsider Threat: Malicious or NotPrivacy LawsDefense in DepthControlling Access Using Identity Access ManagementEnforcing IG: Protect Files with Rules and PermissionsChallenge of Securing Confidential E-DocumentsApply Better Technology for Better Enforcement in the Extended EnterpriseE-Mail EncryptionSecure Communications Using Record-Free E-MailDigital SignaturesDocument EncryptionData Loss Prevention (DLP) TechnologyMissing Piece: Information Rights Management (IRM)Embedded ProtectionHybrid Approach: Combining DLP and IRM TechnologiesSecuring Trade Secrets after Layoffs and TerminationsPersistently Protecting Blueprints and CAD DocumentsSecuring Internal Price ListsApproaches for Securing Data Once It Leaves the OrganizationDocument LabelingDocument AnalyticsConfidential Stream MessagingNotes
Employees Regularly Expose Organizations to E-Mail RiskE-Mail Polices Should Be Realistic and Technology AgnosticE-Record Retention: Fundamentally a Legal IssuePreserve E-Mail Integrity and Admissibility with Automatic ArchivingInstant MessagingBest Practices for Business IM UseTechnology to Monitor IMTips for Safer IMNotes
Types of Social Media in Web 2.0Additional Social Media CategoriesSocial Media in the EnterpriseKey Ways Social Media Is Different from E-Mail and Instant MessagingBiggest Risks of Social MediaLegal Risks of Social Media PostsTools to Archive Social MediaIG Considerations for Social MediaKey Social Media Policy GuidelinesRecords Management and Litigation Considerations for Social MediaEmerging Best Practices for Managing Social Media RecordsNotes
Current Trends in Mobile ComputingSecurity Risks of Mobile ComputingSecuring Mobile DataMobile Device ManagementIG for Mobile ComputingBuilding Security into Mobile ApplicationsBest Practices to Secure Mobile ApplicationsDeveloping Mobile Device PoliciesNotes
Defining Cloud ComputingKey Characteristics of Cloud ComputingWhat Cloud Computing Really MeansCloud Deployment ModelsSecurity Threats with Cloud ComputingBenefits of the CloudManaging Documents and Records in the CloudIG Guidelines for Cloud Computing SolutionsNotes
Process Change, People ChangeWhere to Begin the Planning ProcessPolicy ConsiderationsRoles and ResponsibilitiesEstablish ProcessesTraining PlanCommunication PlanNote
Defining Long-Term Digital PreservationKey Factors in Long-Term Digital PreservationThreats to Preserving RecordsDigital Preservation StandardsPREMIS Preservation Metadata StandardRecommended Open Standard Technology-Neutral FormatsDigital Preservation RequirementsLong-Term Digital Preservation Capability Maturity Model ®Scope of the Capability Maturity ModelDigital Preservation Capability Performance MetricsDigital Preservation Strategies and TechniquesEvolving MarketplaceLooking ForwardNotes
Monitoring and AccountabilityStaffing Continuity PlanContinuous Process ImprovementWhy Continuous Improvement Is NeededNotes
Importance of Navigation and ClassificationWhen Is a New Taxonomy Needed?Taxonomies Improve Search ResultsMetadata and TaxonomyMetadata Governance, Standards, and StrategiesTypes of MetadataCore Metadata IssuesInternational Metadata Standards and GuidanceRecords Grouping RationaleBusiness Classification Scheme, File Plans, and TaxonomyClassification and TaxonomyPrebuilt versus Custom TaxonomiesThesaurus Use in TaxonomiesTaxonomy TypesBusiness Process AnalysisTaxonomy Testing: A Necessary StepTaxonomy MaintenanceSocial Tagging and FolksonomiesNotes
United StatesCanadaUnited KingdomAustraliaNotes
United StatesMajor Privacy Laws Worldwide, by CountryNotes
Notes

Overview

Proven and emerging strategies for addressing document and records management risk within the framework of information governance principles and best practices

Information Governance (IG) is a rapidly emerging "super discipline" and is now being applied to electronic document and records management, email, social media, cloud computing, mobile computing, and, in fact, the management and output of information organization-wide. IG leverages information technologies to enforce policies, procedures and controls to manage information risk in compliance with legal and litigation demands, external regulatory requirements, and internal governance objectives. Information Governance: Concepts, Strategies, and Best Practices reveals how, and why, to utilize IG and leverage information technologies to control, monitor, and enforce information access and security policies.

Written by one of the most recognized and published experts on information governance, including specialization in e-document security and electronic records management
Provides big picture guidance on the imperative for information governance and best practice guidance on electronic document and records management
Crucial advice and insights for compliance and risk managers, operations managers, corporate counsel, corporate records managers, legal administrators, information technology managers, archivists, knowledge managers, and information governance professionals

IG sets the policies that control and manage the use of organizational information, including social media, mobile computing, cloud computing, email, instant messaging, and the use of e-documents and records. This extends to e-discovery planning and preparation. Information Governance: Concepts, Strategies, and Best Practices provides step-by-step guidance for developing information governance strategies and practices to manage risk in the use of electronic business documents and records.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9781118218303Purchase book

Information Governance: Concepts, Strategies, and Best Practices

by Robert F. Smallwood

Overview

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Information Governance, 2nd Edition

Corporate Governance Matters, 3rd Edition

Information Governance Principles and Practices for a Big Data Landscape

Information Assurance Handbook: Effective Computer Security and Risk Management Strategies

Publisher Resources

Overview

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,and much more.

You might also like

Information Governance, 2nd Edition

Corporate Governance Matters, 3rd Edition

Information Governance Principles and Practices for a Big Data Landscape

Information Assurance Handbook: Effective Computer Security and Risk Management Strategies

Publisher Resources

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.