Table of Contents for
PART ONE: Information Governance Concepts, Definitions, and Principles
by Robert F. Smallwood
Information Governance, 2nd Edition
COVER
PREFACE
ACKNOWLEDGMENTS
PART ONE: Information Governance Concepts, Definitions, and Principles
CHAPTER 1: The Information Governance Imperative
Early Development of IG
Big Data Impact
Defining Information Governance
IG Is Not a Project, But an Ongoing Program
Why IG Is Good Business
Failures in Information Governance
Form IG Policies, Then Apply Technology for Enforcement
Notes
CHAPTER 2: Information Governance, IT Governance, Data Governance: What's the Difference?
Data Governance
Data Governance Strategy Tips
IT Governance
IT Governance Frameworks
Information Governance
Impact of a Successful IG Program
Summing Up the Differences
Notes
CHAPTER 3: Information Governance Principles
The Sedona Conference® Commentary on Information Governance
Smallwood IG Principles
Accountability Is Key
Generally Accepted Recordkeeping Principles®
Assessment and Improvement Roadmap
Information Security Principles
Privacy Principles
Who Should Determine IG Policies?
Notes
PART TWO: Information Governance Risk Assessment and Strategic Planning
CHAPTER 4: Information Asset Risk Planning and Management
The Information Risk Planning Process
Create a Risk Profile
Information Risk Planning and Management Summary
Notes
CHAPTER 5: Strategic Planning and Best Practices for Information Governance
Crucial Executive Sponsor Role
Evolving Role of the Executive Sponsor
Building Your IG Team
Assigning IG Team Roles and Responsibilities
Align Your IG Plan with Organizational Strategic Plans
Survey and Evaluate External Factors
Formulating the IG Strategic Plan
Notes
CHAPTER 6: Information Governance Policy Development
The Sedona Conference IG Principles
A Brief Review of Generally Accepted Recordkeeping Principles®
IG Reference Model
Best Practices Considerations
Standards Considerations
Benefits and Risks of Standards
Key Standards Relevant to IG Efforts
Major National and Regional ERM Standards
Making Your Best Practices and Standards Selections to Inform Your IG Framework
Roles and Responsibilities
Program Communications and Training
Program Controls, Monitoring, Auditing, and Enforcement
Notes
PART THREE: Information Governance Key Impact Areas
CHAPTER 7: Information Governance for Business Units
Start with Business Objective Alignment
Which Business Units Are the Best Candidates to Pilot an IG Program?
What Is Infonomics?
How to Begin an IG Program
Business Considerations for an IG Program
Changing Information Environment
Calculating Information Costs
Big Data Opportunities and Challenges
Full Cost Accounting for Information
Calculating the Cost of Owning Unstructured Information
The Path to Information Value
Challenging the Culture
New Information Models
Future State: What Will the IG-Enabled Organization Look Like?
Moving Forward
Notes
CHAPTER 8: Information Governance and Legal Functions
Introduction to E-Discovery: The Revised 2006 and 2015 Federal Rules of Civil Procedure Changed Everything
Big Data Impact
More Details on the Revised FRCP Rules
Landmark E-Discovery Case: Zubulake v. UBS Warburg
E-Discovery Techniques
E-Discovery Reference Model
The Intersection of IG and E-Discovery
Building on Legal Hold Programs to Launch Defensible Disposition
Destructive Retention of E-Mail
Newer Technologies That Can Assist in E-Discovery
Defensible Disposal: The Only Real Way to Manage Terabytes and Petabytes
Notes
CHAPTER 9: Information Governance and Records and Information Management Functions
Records Management Business Rationale
Why Is Records Management So Challenging?
Benefits of Electronic Records Management
Additional Intangible Benefits
Inventorying E-Records
RM Intersection with Data Privacy Management
Generally Accepted Recordkeeping Principles®
E-Records Inventory Challenges
Records Inventory Purposes
Records Inventorying Steps
Appraising the Value of Records
Ensuring Adoption and Compliance of RM Policy
Sample Information Asset Survey Questions
General Principles of a Retention Scheduling
Developing a Records Retention Schedule
Why Are Retention Schedules Needed?
What Records Do You Have to Schedule? Inventory and Classification
Rationale for Records Groupings
Records Series Identification and Classification
Retention of E-Mail Records
How Long Should You Keep Old E-Mails?
Destructive Retention of E-Mail
Legal Requirements and Compliance Research
Event-Based Retention Scheduling for Disposition of E-Records
Prerequisites for Event-Based Disposition
Final Disposition and Closure Criteria
Retaining Transitory Records
Implementation of the Retention Schedule and Disposal of Records
Ongoing Maintenance of the Retention Schedule
Audit to Manage Compliance with the Retention Schedule
Notes
CHAPTER 10: Information Governance and Information Technology Functions
Data Governance
Steps to Governing Data Effectively
Data Governance Framework
Information Management
IT Governance
IG Best Practices for Database Security and Compliance
Tying It All Together
Notes
CHAPTER 11: Information Governance and Privacy and Security Functions
Information Privacy
Generally Accepted Privacy Principles
Fair Information Practices (FIPS)
OECD Privacy Principles
Madrid Resolution 2009
EU General Data Protection Regulation
GDPR: A Look at Its First Year
Privacy Programs
Privacy in the United States
Privacy Laws
Cybersecurity
Cyberattacks Proliferate
Insider Threat: Malicious or Not
Information Security Assessments and Awareness Training
Cybersecurity Considerations and Approaches
Defense in Depth
Controlling Access Using Identity Access Management
Enforcing IG: Protect Files with Rules and Permissions
Challenge of Securing Confidential E-Documents
Apply Better Technology for Better Enforcement in the Extended Enterprise
E-Mail Encryption
Secure Communications Using Record-Free E-Mail
Digital Signatures
Document Encryption
Data Loss Prevention (DLP) Technology
Missing Piece: Information Rights Management (IRM)
Embedded Protection
Hybrid Approach: Combining DLP and IRM Technologies
Securing Trade Secrets After Layoffs and Terminations
Persistently Protecting Blueprints and CAD Documents
Securing Internal Price Lists
Approaches for Securing Data Once It Leaves the Organization
Document Labeling
Document Analytics
Confidential Stream Messaging
Notes
PART FOUR: Information Governance for Delivery Platforms
CHAPTER 12: Information Governance for E-Mail and Instant Messaging
Employees Regularly Expose Organizations to E-Mail Risk
E-Mail Policies Should Be Realistic and Technology Agnostic
E-Record Retention: Fundamentally a Legal Issue
Preserve E-Mail Integrity and Admissibility with Automatic Archiving
Instant Messaging
Best Practices for Business IM Use
Technology to Monitor IM
Tips for Safer IM
Team and Channel Messaging Solutions Emerge
Notes
CHAPTER 13: Information Governance for Social Media
Types of Social Media in Web 2.0
Additional Social Media Categories
Social Media in the Enterprise
Key Ways Social Media Is Different from E-Mail and Instant Messaging
Biggest Risks of Social Media
Legal Risks of Social Media Posts
Tools to Archive Social Media
IG Considerations for Social Media
Key Social Media Policy Guidelines
Records Management and Litigation Considerations for Social Media
Emerging Best Practices for Managing Social Media Records
Notes
CHAPTER 14: Information Governance for Mobile Devices
Current Trends in Mobile Computing
Security Risks of Mobile Computing
Securing Mobile Data
Mobile Device Management (MDM)
IG for Mobile Computing
Building Security into Mobile Applications
Best Practices to Secure Mobile Applications
Developing Mobile Device Policies
Notes
CHAPTER 15: Information Governance for Cloud Computing
Defining Cloud Computing
Key Characteristics of Cloud Computing
What Cloud Computing Really Means
Cloud Deployment Models
Benefits of the Cloud
Security Threats with Cloud Computing
Managing Documents and Records in the Cloud
IG Guidelines for Cloud Computing Solutions
IG for SharePoint and Office365
Notes
CHAPTER 16: Leveraging and Governing Emerging Technologies
Data Analytics
Descriptive Analytics
Diagnostic Analytics
Predictive Analytics
Prescriptive Analytics
Which Type of Analytics Is Best?
Artificial Intelligence
The Role of Artificial Intelligence in IG
Blockchain: A New Approach with Clear Advantages
Breaking Down the Definition of Blockchain
The Internet of Things: IG Challenges
IoT as a System of Contracts
IoT Basic Risks and IG Issues
IoT E-Discovery Issues
Why IoT Trustworthiness Is a Journey and Not a Project
Governing the IoT Data
IoT Trustworthiness
Information Governance Versus IoT Trustworthiness
IoT Trustworthiness Journey
Conclusion
Notes
PART FIVE: Long-Term Program Issues
CHAPTER 17: Long-Term Digital Preservation
Defining Long-Term Digital Preservation
Key Factors in Long-Term Digital Preservation
Threats to Preserving Records
Digital Preservation Standards
PREMIS Preservation Metadata Standard
Recommended Open Standard Technology–Neutral Formats
Digital Preservation Requirements
Long-Term Digital Preservation Capability Maturity Model®
Scope of the Capability Maturity Model
Digital Preservation Capability Performance Metrics
Digital Preservation Strategies and Techniques
Evolving Marketplace
Looking Forward
Conclusion
Notes
CHAPTER 18: Maintaining an Information Governance Program and Culture of Compliance
Monitoring and Accountability
Change Management—Required
Continuous Process Improvement
Why Continuous Improvement Is Needed
Notes
APPENDIX A: Information Organization and Classification: Taxonomies and Metadata
Importance of Navigation and Classification
When Is a New Taxonomy Needed?
Taxonomies Improve Search Results
Metadata and Taxonomy
Metadata Governance, Standards, and Strategies
Types of Metadata
Core Metadata Issues
International Metadata Standards and Guidance
Records Grouping Rationale
Business Classification Scheme, File Plans, and Taxonomy
Classification and Taxonomy
Prebuilt Versus Custom Taxonomies
Thesaurus Use in Taxonomies
Taxonomy Types
Business Process Analysis
Taxonomy Testing: A Necessary Step
Taxonomy Maintenance
Social Tagging and Folksonomies
Endnotes
APPENDIX B: Laws and Major Regulations Related to Records Management
United States
Gramm-Leach-Bliley Act
Healthcare Insurance Portability and Accountability Act of 1996 (HIPAA)
PATRIOT Act (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001)
Sarbanes-Oxley Act (SOX)
SEC Rule 17A-4
CFR Title 47, Part 42—Telecommunications
CFR Title 21, Part 11—Pharmaceuticals
US Federal Authority on Archives and Records: National Archives and Records Administration (NARA)
US Code of Federal Regulations
Canada*
United Kingdom
Australia
Identifying Records Management Requirements in Other Legislation
Notes
APPENDIX C: Laws and Major Regulations Related to Privacy
United States
European Union General Data Protection Regulation (GDPR)
Major Privacy Laws Worldwide, by Country
Notes
GLOSSARY
Notes
ABOUT THE AUTHOR
ABOUT THE MAJOR CONTRIBUTORS
INDEX
END USER LICENSE AGREEMENT
PART ONE
Information Governance Concepts, Definitions, and Principles