Rating: 5 out of 5 stars
5/5
Ebook701 pages5 hours
Total Information Risk Management: Maximizing the Value of Data and Information Assets
Rating: 0 out of 5 stars
()
About this ebook
How well does your organization manage the risks associated with information quality? Managing information risk is becoming a top priority on the organizational agenda. The increasing sophistication of IT capabilities along with the constantly changing dynamics of global competition are forcing businesses to make use of their information more effectively. Information is becoming a core resource and asset for all organizations; however, it also brings many potential risks to an organization, from strategic, operational, financial, compliance, and environmental to societal. If you continue to struggle to understand and measure how information and its quality affects your business, this book is for you. This reference is in direct response to the new challenges that all managers have to face. Our process helps your organization to understand the "pain points" regarding poor data and information quality so you can concentrate on problems that have a high impact on core business objectives. This book provides you with all the fundamental concepts, guidelines and tools to ensure core business information is identified, protected and used effectively, and written in a language that is clear and easy to understand for non-technical managers.
- Shows how to manage information risk using a holistic approach by examining information from all sources
- Offers varied perspectives of an author team that brings together academics, practitioners and researchers (both technical and managerial) to provide a comprehensive guide
- Provides real-life case studies with practical insight into the management of information risk and offers a basis for broader discussion among managers and practitioners
Author
Alexander Borek
Dr. Alexander Borek is the inventor of Total Information Risk Management and the leading expert on how to apply risk management principles to data management. Dr. Borek is a frequent speaker at international information management conferences and author of many research articles covering a range of topics, including EIM, data quality, crowd sourcing and IT business value. In his current role at IBM, Dr. Borek applies data analytics to drive IBM’s world-wide corporate strategy. Previously, he led a team at the University of Cambridge to develop the TIRM process and test it in a number of different industries. He holds a Ph.D. in Engineering from the University of Cambridge.
Related to Total Information Risk Management
Related ebooks
Information Risk Management: A practitioner's guide We Need To Talk: 52 Weeks To Better Cyber-Security Rating: 0 out of 5 stars0 ratingsFISMA and the Risk Management Framework: The New Practice of Federal Cyber Security Rating: 0 out of 5 stars0 ratingsInformation Protection Playbook Rating: 0 out of 5 stars0 ratingsInformation Security Risk Management for ISO 27001/ISO 27002, third edition Rating: 4 out of 5 stars4/5PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance Rating: 5 out of 5 stars5/5Risk Management Framework: A Lab-Based Approach to Securing Information Systems Rating: 2 out of 5 stars2/5Secure Your Business: Insights to Governance, Risk, Compliance & Information Security Rating: 0 out of 5 stars0 ratingsIT Governance: Guidelines for Directors Rating: 0 out of 5 stars0 ratingsSecurity Risk Management: Building an Information Security Risk Management Program from the Ground Up Rating: 4 out of 5 stars4/5Fundamentals of Information Security Risk Management Auditing: An introduction for managers and auditors Rating: 5 out of 5 stars5/5Risk Management and Information Systems Control Rating: 5 out of 5 stars5/5Security Metrics Management: Measuring the Effectiveness and Efficiency of a Security Program Rating: 0 out of 5 stars0 ratingsData Risk Management Rating: 0 out of 5 stars0 ratingsThe Basics of IT Audit: Purposes, Processes, and Practical Information Rating: 4 out of 5 stars4/5Building an Effective Cybersecurity Program, 2nd Edition Rating: 0 out of 5 stars0 ratingsBusiness Continuity and Disaster Recovery Planning for IT Professionals Rating: 0 out of 5 stars0 ratingsData Governance: Governing data for sustainable business Rating: 0 out of 5 stars0 ratingsBecoming a Global Chief Security Executive Officer: A How to Guide for Next Generation Security Leaders Rating: 5 out of 5 stars5/5Security Leader Insights for Risk Management: Lessons and Strategies from Leading Security Professionals Rating: 0 out of 5 stars0 ratingsThe Manager’s Guide to Enterprise Security Risk Management: Essentials of Risk-Based Security Rating: 0 out of 5 stars0 ratingsBusiness Practical Security Rating: 0 out of 5 stars0 ratingsSelling Information Security to the Board: A Primer Rating: 0 out of 5 stars0 ratingsInformation Security A Practical Guide: Bridging the gap between IT and management Rating: 5 out of 5 stars5/5Nine Steps to Success: North American edition: An ISO 27001 Implementation Overview Rating: 0 out of 5 stars0 ratingsManaging Information Security Breaches: Studies from real life Rating: 0 out of 5 stars0 ratingsISO IEC 27001 Lead Implementer A Complete Guide - 2020 Edition Rating: 0 out of 5 stars0 ratingsInformation Security Auditor: Careers in information security Rating: 0 out of 5 stars0 ratingsBusiness Continuity Management Systems: Implementation and certification to ISO 22301 Rating: 0 out of 5 stars0 ratingsBuilding a Practical Information Security Program Rating: 5 out of 5 stars5/5
Enterprise Applications For You
ChatGPT Ultimate User Guide - How to Make Money Online Faster and More Precise Using AI Technology Rating: 0 out of 5 stars0 ratingsCreating Online Courses with ChatGPT | A Step-by-Step Guide with Prompt Templates Rating: 4 out of 5 stars4/5QuickBooks 2023 All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsBitcoin For Dummies Rating: 4 out of 5 stars4/5Excel : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Excel Programming: 1 Rating: 5 out of 5 stars5/5SharePoint 2016 For Dummies Rating: 5 out of 5 stars5/5Scrivener For Dummies Rating: 4 out of 5 stars4/5Excel Formulas and Functions 2020: Excel Academy, #1 Rating: 4 out of 5 stars4/550 Useful Excel Functions: Excel Essentials, #3 Rating: 5 out of 5 stars5/5Salesforce.com For Dummies Rating: 3 out of 5 stars3/5Systems Thinking: Managing Chaos and Complexity: A Platform for Designing Business Architecture Rating: 4 out of 5 stars4/5The New Email Revolution: Save Time, Make Money, and Write Emails People Actually Want to Read! Rating: 5 out of 5 stars5/5Excel 2019 For Dummies Rating: 3 out of 5 stars3/5QuickBooks 2024 All-in-One For Dummies Rating: 0 out of 5 stars0 ratingsEnterprise AI For Dummies Rating: 3 out of 5 stars3/5Notion for Beginners: Notion for Work, Play, and Productivity Rating: 4 out of 5 stars4/5QuickBooks 2021 For Dummies Rating: 0 out of 5 stars0 ratingsMastering QuickBooks 2020: The ultimate guide to bookkeeping and QuickBooks Online Rating: 0 out of 5 stars0 ratingsExcel Formulas That Automate Tasks You No Longer Have Time For Rating: 5 out of 5 stars5/5Managing Humans: Biting and Humorous Tales of a Software Engineering Manager Rating: 4 out of 5 stars4/5Create Income through Self-Publishing: An Author's Approach on Generating Wealth by Self-Publishing Rating: 5 out of 5 stars5/5Zoom For Dummies Rating: 0 out of 5 stars0 ratings101 Ready-to-Use Excel Formulas Rating: 4 out of 5 stars4/5Excel 2016 For Dummies Rating: 4 out of 5 stars4/5
Related podcast episodes
How To Overcome Challenges Every DPO Faces 0% found this document usefulCISSP Training - Domain 1 - Lecture 1 0% found this document usefulWhy Discovering Your Niche Is Crucial To Career Success 0% found this document usefulNIST Cybersecurity Framework [Special Edition]: NIST Cybersecurity Framework 0% found this document usefulCISA’s Small Business Security Guidance and Listener Questions 0% found this document usefulCIPPE vs. CIPM - Which Certification Is More Likely To Get You A Good Job? 0% found this document usefulHow To Succeed With Privacy By Design 0% found this document usefulCyber Resiliency with Sounil Yu 0% found this document usefulData Governance for Data Science with Adam Wood - #578 0% found this document usefulThe Foolproof Way To Pass The CIPPE Exam In 2 Weeks 0% found this document useful66. The 4 core principles of crisis management, w/Ellen Kullman (DuPont, Carbon) 0% found this document useful
Related articles
The Need To Rethink Risk Governance The European Business ReviewArticle
The Need To Rethink Risk Governance
Jul 26, 2021
5 min read“DORA Is A Force For Good And Will Help Businesses To Make Better Decisions, Faster” PC Pro MagazineArticle
“DORA Is A Force For Good And Will Help Businesses To Make Better Decisions, Faster”
Apr 10, 2022
6 min readData Security Standards Linux FormatArticle
Data Security Standards
Aug 24, 2021
A lot of engineers like to rail against standards as pointless box-checking and in some cases they are. Especially when it comes to things like PCI-DSS. Fundamentally, any engineer can look at PCI-DSS and say honestly that it’s obvious, and that all
1 min readCyber Security IS A SHARED RESPONSIBILITY AT THE C-LEVEL Inc.Article
Cyber Security IS A SHARED RESPONSIBILITY AT THE C-LEVEL
Sep 21, 2016
Data breaches can have far-reaching repercussions; protecting against them is a companywide mandate
2 min readCyber Safe Facility ManagementArticle
Cyber Safe
Dec 23, 2018
4 min readAct, Don't React: A Leader's Guide to Cybersecurity Rotman ManagementArticle
Act, Don't React: A Leader's Guide to Cybersecurity
Sep 1, 2019
9 min readHow Do You Know You Are Okay? NZBusiness and ManagementArticle
How Do You Know You Are Okay?
May 27, 2019
2 min readLeadership Forum: Making Digital Transformation A Reality Rotman ManagementArticle
Leadership Forum: Making Digital Transformation A Reality
Jan 1, 2018
Glenda Crisp Senior Vice President and Chief Data Officer, TD Bank Group + Connie Bonello Associate Partner, Financial Services, IBM Canada IN MOST OF TODAY’S ORGANIZATIONS, data underpins every transaction, operation and interaction. And yet, the ab
8 min readStaying Relevant NewsweekArticle
Staying Relevant
Dec 24, 2021
7 min readWaking Up To Data Quality The European Business ReviewArticle
Waking Up To Data Quality
May 22, 2018
8 min readStaying Relevant Newsweek InternationalArticle
Staying Relevant
Dec 24, 2021
7 min readIntelligence Analysis PRIVATE GAME WILDLIFE RANCHINGArticle
Intelligence Analysis
Jun 13, 2018
3 min read“How Do You Launch A Product Without Alienating Or Damaging Your Customers?” PC Pro MagazineArticle
“How Do You Launch A Product Without Alienating Or Damaging Your Customers?”
Feb 10, 2022
6 min readGlobal Cybersecurity Guide For Directors NZBusiness and ManagementArticle
Global Cybersecurity Guide For Directors
Apr 25, 2021
Cybersecurity failure is a “clear and present danger” and critical global threat, yet responses from board directors have been fragmented, risks not fully understood and collaboration between industries limited, according to the World Economic Forum.
2 min readQ&A Rotman ManagementArticle
Q&A
May 1, 2023
Describe the capability that companies like Netflix, UPS, Amazon and Caesars Entertainment have in common. These are all leading firms in their industries with respect to leveraging analytics as a source of competitive advantage. We now have so much
7 min readSearching For Privacy NZ MarketingArticle
Searching For Privacy
Dec 8, 2021
6 min read“I Find Myself Incapable Of Moving Away From My Laptop As I Await Further Updates” PC Pro MagazineArticle
“I Find Myself Incapable Of Moving Away From My Laptop As I Await Further Updates”
Mar 9, 2023
It happened again. I was due to run a training course on international data transfers at the end of November 2022. I had prepared a pack of materials, and took great pride in my new case study, taking delegates through the process for a transfer risk
6 min readArnab PANDEY TechfastlyArticle
Arnab PANDEY
Apr 1, 2021
11 min readSignals Of Change: how To Evolve For The New Global Reality Rotman ManagementArticle
Signals Of Change: how To Evolve For The New Global Reality
May 1, 2022
11 min readWhy Are Leaders Trusting Their Gut Instinct Over Analytics? AND WHAT TO DO ABOUT IT NZBusiness and ManagementArticle
Why Are Leaders Trusting Their Gut Instinct Over Analytics? AND WHAT TO DO ABOUT IT
Mar 26, 2019
3 min readLeading in the Age of Disruption: Five Critical Skills Rotman ManagementArticle
Leading in the Age of Disruption: Five Critical Skills
Jan 1, 2022
10 min readRigor And Transparency As An Antidote To Politicization At EPA’s Integrated Risk Information System Union of Concerned ScientistsArticle
Rigor And Transparency As An Antidote To Politicization At EPA’s Integrated Risk Information System
Feb 2, 2018
5 min readAre You Prepared To Take The Risk? The European Business ReviewArticle
Are You Prepared To Take The Risk?
May 25, 2021
Risk is a fact of life for businesses of all kinds – large and small. If we’re lucky, we might see it coming, so that we have an opportunity to formulate a coping strategy. But how can managers and employees be best prepared to deal with the unexpect
9 min readGetting It Done Rotman ManagementArticle
Getting It Done
Sep 1, 2020
You developed the GettingItDone® management system and have been teaching it to Rotman MBA students for 19 years. What are its key principles? The system applies the thinking of three well known management gurus. The first is the late-great Peter F.
5 min read‘MBAs THAT DON’T FOCUS ON DATA & TECH WON’T DO WELL’ Business TodayArticle
‘MBAs THAT DON’T FOCUS ON DATA & TECH WON’T DO WELL’
Oct 28, 2022
6 min readBusinesses Were Not Prepared For The Pandemic, Warns IBM Chief Executive Evening StandardArticle
Businesses Were Not Prepared For The Pandemic, Warns IBM Chief Executive
Sep 7, 2020
4 min readIBM Boss: Big Companies Were Not Prepared For The Pandemic Evening StandardArticle
IBM Boss: Big Companies Were Not Prepared For The Pandemic
Sep 4, 2020
Sreeram Visvanathan is the new chief executive of IBM UK and Ireland. The 53 year-old is from Bangalore in India and previously led IBM’s global Public Sector team. In the middle of London Tech Week, he talked to the Evening Standard about the future
4 min readWhy We Need To Fear The Risk Of AI Model Collapse Evening StandardArticle
Why We Need To Fear The Risk Of AI Model Collapse
Dec 17, 2023
4 min readHow To Make Sense From And With AI ? The European Business ReviewArticle
How To Make Sense From And With AI ?
Sep 25, 2021
4 min readDIGITAL CROWN JEWELS: How to Protect Your Data Assets Rotman ManagementArticle
DIGITAL CROWN JEWELS: How to Protect Your Data Assets
Sep 1, 2023
10 min read
Reviews for Total Information Risk Management
Rating: 0 out of 5 stars
0 ratings
0 ratings0 reviews
Book preview
Total Information Risk Management - Alexander Borek
University.
Introduction
What you will learn in this chapter:
The purpose of this book
Intended audiences
Structure of this book
How to use this book
We are living in exciting times. The notion of Big Data has become a much discussed topic in the business world. Almost every chief executive officer (CEO) who regularly reads business magazines has to ask: Am I on the right track with data and information management and utilization in my company?
In most organizations there are several new technologies emerging on top of what is already a myriad of old technologies, and this brings with it specific challenges. Many organizations are desperately seeking to hire data scientists to help weave through the complexity now being seen, and the new discipline of data science is evolving at a fast pace.
Data becomes the focus of executives because it is the essential material to generate the information insights that a business needs to strive in today’s increasingly competitive environment. Information insights allow commercial businesses to allocate resources more profitably, satisfy their customers more effectively, reduce costs, save energy and materials, and offer better products and services that consumers really want and that are priced competitively. Public authorities, governments, and local communities can use analytics to minimize the financial burdens placed on taxpayers, reduce crime, optimize transportation, improve reliability and quality of utility and citizen services, and diminish environmental pollution. Nonprofit organizations are also able to take considerable advantage of information insights to increase the speed of support logistics in crisis regions, achieve a better allocation of resources to solve global challenges, and speed up medical progress in fighting diseases. It is not an overstatement to say that advanced data analytics will drive a smarter and hopefully better planet.
As much as data and information are becoming key assets for all organizations, however, its use does undoubtedly bring with it many potential risks from strategic, operational, financial, compliance, governance, environmental, and societal perspectives. Information governance is increasingly exercising the minds of many organizations, not least because of more stringent legal and regulatory requirements being imposed on both private and public sector entities. All organizations handle information. The governance of information is absolutely vital to the early identification of potential risk, the prevention of risk, and ensuring business continuity in the event of adverse risk. Accurate data records and the maintenance of such records is critical not only for meeting compliance requirements but for the longer-term survival of the organization. Organizations that fail to manage information risk effectively leave themselves open to fines, sanctions, and other penalties, not to mention loss of reputation and potential failure of the business.
Poor information management is not an option. There are many ways in which information can be compromised, damaged, or destabilized, leading to a multiplicity of problems. These range from those that are merely an inconvenience to those that can cause significantly harm to the organization. Nevertheless, the management of information risks is often poorly achieved because organizations give it low priority and, indeed, low visibility. Many view information risk an as intangible and do not know how best to manage it. Consequently, and due to the challenges it brings, it is not given all the time and attention that it rightly deserves. The fact is that in today’s increasingly intensive information-driven economy, new risks derived from information with poor-quality levels can and do appear quickly.
Organizations should recognize information risk management as being of vital strategic importance and a key component of overall business strategy. Managing information risk is important for all organizations regardless of size or structure—people within organizations need to be encouraged to manage the associated risks and regard such management as part and parcel of their day-to-day operations. Without an appreciation of the role they play, employees may either undertake activities or conversely fail to undertake activities, which consequently leave the organization exposed to unnecessary risks. Many organizations struggle to understand how to measure and quantify the impact information quality has on performance.
Luckily, the well-established discipline of risk management offers a variety of recognized concepts and methods to control the impact of uncertain events. In the data and information management discipline, thus far, risk management has been used in the past either to manage risks connected to disclosure of information or that arise from the failure of IT systems, but not directly to manage the risks when data and information assets are of poor quality. Therefore, existing information risk management processes address only a very small subset of the range of risks that are caused by poor data and information management.
The core idea in this book is to provide managers with a practical guide on how to apply risk management methods and principles more directly to data and information management. The journey to effectively manage information risks will undoubtedly require some initial investment in time and resources. But we also believe that managing information risk is an imperative for all organizations that want to protect themselves from malfunctioning. And there is a very positive side of managing information risk too: in the long term, the rewards for those organizations that manage information risk effectively will be significant, ranging from higher profitability, happier customers, and improved operational efficiency, to better investment decisions, and eventually leading to a sustainable competitive advantage.
What is Total Information Risk Management?
Managers have to address the new challenges posed by the rising importance of data and information being viewed as key assets. Data and information are such important assets for an organization that it is vital to understand how they impact the business performance of an organization. Data and information have an impact in every part of the organization; not taking these business impacts seriously can lead to risks that damage the organization.
Total Information Risk Management (TIRM) is a collection of concepts, methods, and techniques that we have developed to address these new challenges. The TIRM process has been advanced after conducting ground-breaking research at the University of Cambridge, funded by the British Engineering and Physical Sciences Research Council (EPSRC). Our research was undertaken in collaboration with many other international universities and many different organizations in a number of industrial sectors.
TIRM draws upon the extensive body of knowledge in the well-established discipline of risk management, as well as the newer discipline of data and information management. It provides organizations with the tools necessary to understand, measure, and control the business impact of data and information assets, effectively and efficiently.
Purpose of This Book
In our view, current approaches to data and information management do not create a clear enough link between data and its actual business value. Many of the existing data management books deal with the technicalities of data management but only a few discuss in detail how data and information should be governed. This emphasis is well described in the following recommended texts: Danette McGilvray’s Executing Data Quality Projects
, David Loshin’s The Practitioner’s Guide to Data Quality Improvement
, Thomas C. Redman’s Data-Driven: Profiting From Your Most Important Business Asset
and John Ladley’s books Data Governance
and Making Enterprise Information Management (EIM) Work for Business
.
One of the most integral questions about the management of data and information currently remains unanswered: it is very hard to provide real evidence as to where data and information really impact the business, and it is even more difficult to say to what extent an organization might be affected. This book offers an innovative approach to TIRM, which achieves a clear link between data, information, and the business. We demonstrate how best to achieve this by integrating risk management methods and techniques with the discipline of data and information management.
Intended Audiences
The target audience for this book is people who want to learn how to make closer linkages between data and information and business value—that is, people who want to ensure that poor data and information do not threaten the well-being of their organization. The readership is targeted at both students and professionals in data management, business intelligence, and in the management of information systems and IT. This book will also be of interest to general managers and risk management practitioners. The book is written in a language that does not require readers to have any specific technical knowledge. Additionally, if readers are interested in how best to integrate the concepts in this book into a new or existing software system, Chapter 12 on software tools offers valuable
Enjoying the preview?
Page 1 of 1