Information Governance: Concepts, Strategies and Best Practices (Wiley CIO)

Information Governance: Concepts, Strategies and Best Practices (Wiley CIO)

By: Robert F. Smallwood (author)Hardback

Only 1 in stock

£58.50 RRP £65.00  You save £6.50 (10%) With FREE Saver Delivery


Proven and emerging strategies for addressing document and records management risk within the framework of information governance principles and best practices Information Governance (IG) is a rapidly emerging "super discipline" and is now being applied to electronic document and records management, email, social media, cloud computing, mobile computing, and, in fact, the management and output of information organization-wide. IG leverages information technologies to enforce policies, procedures and controls to manage information risk in compliance with legal and litigation demands, external regulatory requirements, and internal governance objectives. Information Governance: Concepts, Strategies, and Best Practices reveals how, and why, to utilize IG and leverage information technologies to control, monitor, and enforce information access and security policies. * Written by one of the most recognized and published experts on information governance, including specialization in e-document security and electronic records management * Provides big picture guidance on the imperative for information governance and best practice guidance on electronic document and records management * Crucial advice and insights for compliance and risk managers, operations managers, corporate counsel, corporate records managers, legal administrators, information technology managers, archivists, knowledge managers, and information governance professionals IG sets the policies that control and manage the use of organizational information, including social media, mobile computing, cloud computing, email, instant messaging, and the use of e-documents and records. This extends to e-discovery planning and preparation. Information Governance: Concepts, Strategies, and Best Practices provides step-by-step guidance for developing information governance strategies and practices to manage risk in the use of electronic business documents and records.

About Author

ROBERT F. SMALLWOOD is Partner and Executive Director of the Information Governance Institute at IMERGE Consulting. Mr. Smallwood is a widely recognized and published authority in IG, with special expertise in e-records management and e-document security. He has been quoted in the Wall Street Journal, Washington Post, New York Times, and appeared on C-SPAN, BBC, and a number of network news programs. Go to for IG education options.


PREFACE xv ACKNOWLEDGMENTS xvii PART ONE Information Governance Concepts, Definitions, and Principles 1 CHAPTER 1 The Onslaught of Big Data and the Information Governance Imperative 3 Defining Information Governance 5 IG Is Not a Project, But an Ongoing Program 7 Why IG Is Good Business 7 Failures in Information Governance 8 Form IG Policies, Then Apply Technology for Enforcement 10 Notes 12 CHAPTER 2 Information Governance, IT Governance, Data Governance: What s the Difference? 15 Data Governance 15 IT Governance 17 Information Governance 20 Impact of a Successful IG Program 20 Summing Up the Differences 21 Notes 22 CHAPTER 3 Information Governance Principles 25 Accountability Is Key 27 Generally Accepted Recordkeeping Principles(R) 27 Contributed by Charmaine Brooks, CRM Assessment and Improvement Roadmap 34 Who Should Determine IG Policies? 35 Notes 38 PART TWO Information Governance Risk Assessment and Strategic Planning 41 CHAPTER 4 Information Risk Planning and Management 43 Step 1: Survey and Determine Legal and Regulatory Applicability and Requirements 43 Step 2: Specify IG Requirements to Achieve Compliance 46 Step 3: Create a Risk Profi le 46 Step 4: Perform Risk Analysis and Assessment 48 Step 5: Develop an Information Risk Mitigation Plan 49 Step 6: Develop Metrics and Measure Results 50 Step 7: Execute Your Risk Mitigation Plan 50 Step 8: Audit the Information Risk Mitigation Program 51 Notes 51 CHAPTER 5 Strategic Planning and Best Practices for Information Governance 53 Crucial Executive Sponsor Role 54 Evolving Role of the Executive Sponsor 55 Building Your IG Team 56 Assigning IG Team Roles and Responsibilities 56 Align Your IG Plan with Organizational Strategic Plans 57 Survey and Evaluate External Factors 58 Formulating the IG Strategic Plan 65 Notes 69 CHAPTER 6 Information Governance Policy Development 71 A Brief Review of Generally Accepted Recordkeeping Principles(R) 71 IG Reference Model 72 Best Practices Considerations 75 Standards Considerations 76 Benefits and Risks of Standards 76 Key Standards Relevant to IG Efforts 77 Major National and Regional ERM Standards 81 Making Your Best Practices and Standards Selections to Inform Your IG Framework 87 Roles and Responsibilities 88 Program Communications and Training 89 Program Controls, Monitoring, Auditing and Enforcement 89 Notes 91 PART THREE Information Governance Key Impact Areas Based on the IG Reference Model 95 CHAPTER 7 Business Considerations for a Successful IG Program 97 By Barclay T. Blair Changing Information Environment 97 Calculating Information Costs 99 Big Data Opportunities and Challenges 100 Full Cost Accounting for Information 101 Calculating the Cost of Owning Unstructured Information 102 The Path to Information Value 105 Challenging the Culture 107 New Information Models 107 Future State: What Will the IG-Enabled Organization Look Like? 110 Moving Forward 111 Notes 113 CHAPTER 8 Information Governance and Legal Functions 115 By Robert Smallwood with Randy Kahn, Esq., and Barry Murphy Introduction to e-Discovery: The Revised 2006 Federal Rules of Civil Procedure Changed Everything 115 Big Data Impact 117 More Details on the Revised FRCP Rules 117 Landmark E-Discovery Case: Zubulake v. UBS Warburg 119 E-Discovery Techniques 119 E-Discovery Reference Model 119 The Intersection of IG and E-Discovery 122 By Barry Murphy Building on Legal Hold Programs to Launch Defensible Disposition 125 By Barry Murphy Destructive Retention of E-Mail 126 Newer Technologies That Can Assist in E-Discovery 126 Defensible Disposal: The Only Real Way To Manage Terabytes and Petabytes 130 By Randy Kahn, Esq. Retention Policies and Schedules 137 By Robert Smallwood, edited by Paula Lederman, MLS Notes 144 CHAPTER 9 Information Governance and Records and Information Management Functions 147 Records Management Business Rationale 149 Why Is Records Management So Challenging? 150 Benefi ts of Electronic Records Management 152 Additional Intangible Benefi ts 153 Inventorying E-Records 154 Generally Accepted Recordkeeping Principles(R) 155 E-Records Inventory Challenges 155 Records Inventory Purposes 156 Records Inventorying Steps 157 Ensuring Adoption and Compliance of RM Policy 168 General Principles of a Retention Scheduling 169 Developing a Records Retention Schedule 170 Why Are Retention Schedules Needed? 171 What Records Do You Have to Schedule? Inventory and Classification 173 Rationale for Records Groupings 174 Records Series Identification and Classification 174 Retention of E-Mail Records 175 How Long Should You Keep Old E-Mails? 176 Destructive Retention of E-Mail 177 Legal Requirements and Compliance Research 178 Event-Based Retention Scheduling for Disposition of E-Records 179 Prerequisites for Event-Based Disposition 180 Final Disposition and Closure Criteria 181 Retaining Transitory Records 182 Implementation of the Retention Schedule and Disposal of Records 182 Ongoing Maintenance of the Retention Schedule 183 Audit to Manage Compliance with the Retention Schedule 183 Notes 186 CHAPTER 10 Information Governance and Information Technology Functions 189 Data Governance 191 Steps to Governing Data Effectively 192 Data Governance Framework 193 Information Management 194 IT Governance 196 IG Best Practices for Database Security and Compliance 202 Tying It All Together 204 Notes 205 CHAPTER 11 Information Governance and Privacy and Security Functions 207 Cyberattacks Proliferate 207 Insider Threat: Malicious or Not 208 Privacy Laws 210 Defense in Depth 212 Controlling Access Using Identity Access Management 212 Enforcing IG: Protect Files with Rules and Permissions 213 Challenge of Securing Confi dential E-Documents 213 Apply Better Technology for Better Enforcement in the Extended Enterprise 215 E-Mail Encryption 217 Secure Communications Using Record-Free E-Mail 217 Digital Signatures 218 Document Encryption 219 Data Loss Prevention (DLP) Technology 220 Missing Piece: Information Rights Management (IRM) 222 Embedded Protection 226 Hybrid Approach: Combining DLP and IRM Technologies 227 Securing Trade Secrets after Layoffs and Terminations 228 Persistently Protecting Blueprints and CAD Documents 228 Securing Internal Price Lists 229 Approaches for Securing Data Once It Leaves the Organization 230 Document Labeling 231 Document Analytics 232 Confidential Stream Messaging 233 Notes 236 PART FOUR Information Governance for Delivery Platforms 239 CHAPTER 12 Information Governance for E-Mail and Instant Messaging 241 Employees Regularly Expose Organizations to E-Mail Risk 242 E-Mail Polices Should Be Realistic and Technology Agnostic 243 E-Record Retention: Fundamentally a Legal Issue 243 Preserve E-Mail Integrity and Admissibility with Automatic Archiving 244 Instant Messaging 247 Best Practices for Business IM Use 247 Technology to Monitor IM 249 Tips for Safer IM 249 Notes 251 CHAPTER 13 Information Governance for Social Media 253 By Patricia Franks, Ph.D, CRM, and Robert Smallwood Types of Social Media in Web 2.0 253 Additional Social Media Categories 255 Social Media in the Enterprise 256 Key Ways Social Media Is Different from E-Mail and Instant Messaging 257 Biggest Risks of Social Media 257 Legal Risks of Social Media Posts 259 Tools to Archive Social Media 261 IG Considerations for Social Media 262 Key Social Media Policy Guidelines 263 Records Management and Litigation Considerations for Social Media 264 Emerging Best Practices for Managing Social Media Records 267 Notes 269 CHAPTER 14 Information Governance for Mobile Devices 271 Current Trends in Mobile Computing 273 Security Risks of Mobile Computing 274 Securing Mobile Data 274 Mobile Device Management 275 IG for Mobile Computing 276 Building Security into Mobile Applications 277 Best Practices to Secure Mobile Applications 280 Developing Mobile Device Policies 281 Notes 283 CHAPTER 15 Information Governance for Cloud Computing 285 By Monica Crocker CRM, PMP, CIP, and Robert Smallwood Defining Cloud Computing 286 Key Characteristics of Cloud Computing 287 What Cloud Computing Really Means 288 Cloud Deployment Models 289 Security Threats with Cloud Computing 290 Benefits of the Cloud 298 Managing Documents and Records in the Cloud 299 IG Guidelines for Cloud Computing Solutions 300 Notes 301 CHAPTER 16 SharePoint Information Governance 303 By Monica Crocker, CRM, PMP, CIP, edited by Robert Smallwood Process Change, People Change 304 Where to Begin the Planning Process 306 Policy Considerations 310 Roles and Responsibilities 311 Establish Processes 312 Training Plan 313 Communication Plan 313 Note 314 PART FIVE Long-Term Program Issues 315 CHAPTER 17 Long-Term Digital Preservation 317 By Charles M. Dollar and Lori J. Ashley Defi ning Long-Term Digital Preservation 317 Key Factors in Long-Term Digital Preservation 318 Threats to Preserving Records 320 Digital Preservation Standards 321 PREMIS Preservation Metadata Standard 328 Recommended Open Standard Technology-Neutral Formats 329 Digital Preservation Requirements 333 Long-Term Digital Preservation Capability Maturity Model(R) 334 Scope of the Capability Maturity Model 336 Digital Preservation Capability Performance Metrics 341 Digital Preservation Strategies and Techniques 341 Evolving Marketplace 344 Looking Forward 344 Notes 346 CHAPTER 18 Maintaining an Information Governance Program and Culture of Compliance 349 Monitoring and Accountability 349 Staffing Continuity Plan 350 Continuous Process Improvement 351 Why Continuous Improvement Is Needed 351 Notes 353 APPENDIX A Information Organization and Classification: Taxonomies and Metadata 355 By Barb Blackburn, CRM, with Robert Smallwood; edited by Seth Earley Importance of Navigation and Classification 357 When Is a New Taxonomy Needed? 358 Taxonomies Improve Search Results 358 Metadata and Taxonomy 359 Metadata Governance, Standards, and Strategies 360 Types of Metadata 362 Core Metadata Issues 363 International Metadata Standards and Guidance 364 Records Grouping Rationale 368 Business Classification Scheme, File Plans, and Taxonomy 368 Classification and Taxonomy 369 Prebuilt versus Custom Taxonomies 370 Thesaurus Use in Taxonomies 371 Taxonomy Types 371 Business Process Analysis 377 Taxonomy Testing: A Necessary Step 379 Taxonomy Maintenance 380 Social Tagging and Folksonomies 381 Notes 383 APPENDIX B Laws and Major Regulations Related to Records Management 385 United States 385 Canada 387 By Ken Chasse, J.D., LL.M. United Kingdom 389 Australia 391 Notes 394 APPENDIX C Laws and Major Regulations Related to Privacy 397 United States 397 Major Privacy Laws Worldwide, by Country 398 Notes 400 GLOSSARY 401 ABOUT THE AUTHOR 417 ABOUT THE MAJOR CONTRIBUTORS 419 INDEX 421

Product Details

  • ISBN13: 9781118218303
  • Format: Hardback
  • Number Of Pages: 464
  • ID: 9781118218303
  • weight: 1
  • ISBN10: 1118218302

Delivery Information

  • Saver Delivery: Yes
  • 1st Class Delivery: Yes
  • Courier Delivery: Yes
  • Store Delivery: Yes

Prices are for internet purchases only. Prices and availability in WHSmith Stores may vary significantly