April 2014
Intermediate to advanced
464 pages
14h 46m
English
Content preview from Information Governance: Concepts, Strategies, and Best Practices
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
CHAPTER 4
Information Risk Planning and Management
Information risk planning involves a number of progressive steps: identifying potential risks to information, weighing those risks, creating strategic plans to mitigate the risks, and developing those plans into specific policies. Then it moves to developing metrics to measure compliance levels and identifying those who are accountable for executing the new risk mitigating processes. These processes must be audited and tested periodically not only to ensure compliance, but also to fine tune and improve the processes.
Depending on the jurisdiction, information is required by specific laws and regulations to be retained for specified periods, and to be produced in specified situations. To determine which laws and regulations apply to your organization's information, research into the legal and regulatory requirements for information in the jurisdictions in which your organization operates must be conducted.
Step 1: Survey and Determine Legal and Regulatory Applicability and Requirements
There are federal, provincial, state, and even municipal laws and regulations that may apply to the retention of information (data, documents, and records). Organizations operating in multiple jurisdictions must maintain compliance with laws and regulations that may cross national, state, or provincial boundaries. Legally required privacy requirements and retention periods must be researched for each jurisdiction (e.g. county, state, country) in ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.