A Corporate Librarian’s Guide to Information Governance and Data Privacy


Book Description

With the expansion of technology and governance, the information governance industry has experienced dramatic and often sudden changes. Among the most important shifts are the proliferation of data privacy rules and regulations; the exponential growth of data and the need for removing redundant, obsolete, and trivial information; and the growing threat of litigation and regulatory fines based on a failure to properly keep records and manage data. At the same time, longstanding information governance standards and best practices exist, which transcend the sudden vicissitudes of the day. This volume focuses on these core IG principles, with an emphasis on how they apply to our target audience, which includes law librarians, legal and research staff, and other individuals and departments in both the public and private sectors who engage deeply with regulatory compliance matters. Core topics that will be addressed include: the importance of implementing and maintaining cohesive records management workflows that implement the classic principles of capturing, checking, recording, consolidation, and review; the classic records management principles of Accountability, Transparency, Integrity, Protection, Compliance, Accessibility, Retention and Disposition; and archives management and the two principles of Provenance and Original Order.




A Government Librarian’s Guide to Information Governance and Data Privacy


Book Description

This book provides a concise and usable overview of the practical implications of important public sector United States federal, state, and municipal laws and standards related to information governance, as they pertain to librarians, research staff, universities, corporate regulatory managers, and public-sector information governance professionals. It is the first in a series of two volumes addressing public sector information governance compliance matters from the perspective of our target audience. Topics addressed in the book include: the evolving role of librarians and the need for librarians and legal researchers to understand the principles of information governance; the importance of broad-based regulatory IG principles such as the Federal Records Act, the Paperwork Reduction Act of 1980 and 36 CFR Chapter XII, Subchapter B – Records Management, that have been promulgated by various federal government agencies in framing public-sector IG principles; a survey of interpretive surveys from the Office of Management and Budget (OMB) that further elucidate the core IG principles applicable to public sector stakeholders; case studies detailing the application of important IG principles by federal agencies and bodies; and a survey of important IG issues facing state and local governments.




A Librarian's Guide to ISO Standards for Information Governance, Privacy, and Security


Book Description

This book was written to demystify critical standards related to information security, records management, and privacy information management for the modern librarian and archival professional. In the digital age, librarians and archival professionals play a crucial role in safeguarding the world's knowledge. A Librarian's Guide to ISO Standards for Information Governance, Privacy, and Security is a curated resource for librarians, presenting core ISO standards related to information governance, data privacy, and security. The book provides detailed summaries of these standards, along with case studies and advice on applying them in the modern digital age. It empowers library staff and patrons to prioritize data security and privacy, ensuring trust and confidentiality in their services. Inside, you will find detailed summaries of the core ISO standards, descriptions and case studies illustrating how these standards can apply to librarians in the modern digital age, and advice on how to cultivate a culture of data security and privacy awareness among library staff and patrons.




Stop Harming Customers


Book Description

Since the year 2000, banks have been fined almost a third of a trillion dollars. Yet, every year billions more are imposed. Why? This book explains why banks break the law (it’s not just the money), explains the challenges facing Compliance functions, considers that the majority of financiers don’t want to do wrong, and puts forth a proposal to stop banks from harming customers. The lessons in this book are applicable to any business where profit motives can conflict with customer benefit–in short, every business. (And if you’re interested in cryptocurrency, this book’s for you too!)




Mobilizing the C-Suite


Book Description

Cyberattacks are more destructive than ever, but your C-suite can stop them. This book tells you how. Cyberattacks are worse now than ever before. To defeat cybercriminals, companies must focus on the low-hanging fruits of cybersecurity. It’s all about the basics. Companies laid low by ransomware failed to practice good cyber hygiene by recklessly allowing weak or reused passwords, not turning on multifactor authentication, or neglecting to install patches to known software vulnerabilities. Adding insult to grievous injury, many companies failed to mitigate cyber doom by not encrypting their devices, not implementing a data backup plan, or the mother of all blunders, not training their workforce on basic cyber hygiene. Worse still, hidden risks abound for the unwary. A devastating cyberattack is just moments away when C-suite leaders close their eyes to the hazards of shadow IT, data offshoring, mobile devices, and social media. Mobilizing the C-suite: Waging War Against Cyberattacks was written to galvanize C-suite leaders into deploying the basic cybersecurity controls vital to defeating cyberattacks, and to support frontline cybersecurity professionals with companywide cyber hygiene training. Most importantly, the book was written to introduce real-world cybersecurity principles to college students—if our future generation of company leaders enter the C-suite with cyber-savvy, then destructive cyberattacks are not a foregone conclusion.




Enhanced Enterprise Risk Management


Book Description

The performance and survival of a business in a global economy depend on understanding and managing the risks, both external and those embedded within its operations. It is vital to identify and prioritize significant risks and detect the weakest points. Adding other elements to an essential ERM program, such as PESTEL and Porter’s 5 forces, treatment plans, scorecards, the three lines of defense (3LoD) components, and process improvements (Six Sigma, 8D, etc.), significantly increases the ERM success rate. The authors outline a comprehensive strategy for designing and implementing a robust and successful ERM program – and not just successful in implementation but also yielding enormous returns for the organizations that implemented this enhanced ERM program.




Data Governance: The Definitive Guide


Book Description

As your company moves data to the cloud, you need to consider a comprehensive approach to data governance, along with well-defined and agreed-upon policies to ensure you meet compliance. Data governance incorporates the ways that people, processes, and technology work together to support business efficiency. With this practical guide, chief information, data, and security officers will learn how to effectively implement and scale data governance throughout their organizations. You'll explore how to create a strategy and tooling to support the democratization of data and governance principles. Through good data governance, you can inspire customer trust, enable your organization to extract more value from data, and generate more-competitive offerings and improvements in customer experience. This book shows you how.

- Enable auditable legal and regulatory compliance with defined and agreed-upon data policies
- Employ better risk management
- Establish control and maintain visibility into your company's data assets, providing a competitive advantage
- Drive top-line revenue and cost savings when developing new products and services
- Implement your organization's people, processes, and tools to operationalize data trustworthiness




Information Law


Book Description

Library, information and knowledge professionals are often at the front line of managing and monitoring their organisation’s legal compliance and have roles and responsibilities in both complying with the law and taking advantage of its provisions. To do their jobs effectively, they need not only to understand the law, but also to develop the skills, confidence and organisational policy frameworks to apply the law’s principles to their context of use. They need the knowledge and skills to help them decide what is acceptable and to develop appropriate risk-aware approaches when things are not clear-cut. Information Law: Compliance for librarians, information professionals and knowledge managers provides an overview of important information law issues along with tools and guidance to help readers establish a framework so that their organisation can both comply with its legal responsibilities and support a suitably risk-aware environment which optimises access and use. Based on the authors’ many years in professional practice and on their proven ‘Compliance Methodology’, it will help readers understand the legal issues that are central to the information they hold or that they wish to access.




A Practitioner's Guide to Data Governance


Book Description

Data governance looks simple on paper, but in reality it is a complex issue facing organizations. In this practical guide, data experts Uma Gupta and San Cannon look to demystify data governance through pragmatic advice based on real-world experience and cutting-edge academic research.




IBM Information Governance Solutions


Book Description

Managing information within the enterprise has always been a vital and important task to support the day-to-day business operations and to enable analysis of that data for decision making to better manage and grow the business for improved profitability. To do all that, clearly the data must be accurate and organized so it is accessible and understandable to all who need it. That task has grown in importance as the volume of enterprise data has been growing significantly (analyst estimates of 40–50% growth per year are not uncommon) over the years. However, most of that data has been what we call "structured" data, which is the type that can fit neatly into rows and columns and be more easily analyzed. Now we are in the era of "big data." This significantly increases the volume of data available, but it is in a form called "unstructured" data. That is, data from sources that are not as easily organized, such as data from emails, spreadsheets, sensors, video, audio, and social media sites. There is valuable information in all that data, but it calls for new processes to enable it to be analyzed. All this has brought with it a renewed and critical need to manage and organize that data with clarity of meaning, understandability, and interoperability. That is, you must be able to integrate this data when it is from within an enterprise but also, importantly, when it is from many different external sources. What is described here has been and is being done to varying extents. It is called "information governance." Governing this information, however, has proven to be challenging. But without governance, much of the data can be less useful and perhaps even used incorrectly, significantly impacting enterprise decision making. So we must also respect the needs for information security, consistency, and validity or else suffer the potential economic and legal consequences.
Implementing sound governance practices needs to be an integral part of the information control in our organizations. This IBM® Redbooks® publication focuses on the building blocks of a solid governance program. It examines some familiar governance initiative scenarios, identifying how they underpin key governance initiatives, such as Master Data Management, Quality Management, Security and Privacy, and Information Lifecycle Management. IBM Information Management and Governance solutions provide a comprehensive suite to help organizations better understand and build their governance solutions. The book also identifies new and innovative approaches that are developed by IBM practice leaders that can help as you implement the foundation capabilities in your organizations.