jeudi 9 mai 2013

Sure, information has value, but don't forget the risks

A lire sur:

Enterprises are clogging their arteries with information, most of which has no real value but carries costs and risks. The CPO can help in disposing of that information that can only cause harm.

By Deidre Paknad
May 7, 2013 02:41 PM ET
Computerworld - Most companies describe information as the lifeblood of the organization. But too many enterprises have clogged their arteries.
How can this be? Over time, the value of information declines, while the associated costs remain constant and the compliance and legal risks actually rise. This conclusion, based on research conducted by members of the Compliance Governance and Oversight Council (CGOC), implies that those who champion the defensible disposal of all information that has no legal, regulatory or business value can help their companies significantly reduce costs and risk.
The corporate officer best positioned to be such a champion is the chief privacy officer (CPO). Defensible disposal is a particularly appealing idea for CPOs, who already help their organizations identify information of value, catalog where that information resides, and determine how it must be managed and disposed of in order to protect the organization, its employees and its customers.
It's time for corporations to take the next step and give the CPO a seat at the information governance table as an ally and champion in developing information life-cycle governance (ILG) practices that transform the organization's information economics. Not familiar with information economics? Well, if economics is "the discipline of analyzing the production, distribution and consumption of goods and services," then information economics is the discipline of analyzing the production, distribution and consumption of information. Think of it this way. Organizations obtain value from the information they generate and collect, but this value is offset by the cost to access and manage it and by the risks associated with it, including growing privacy risks. The goal in improving information economics is to develop the ability to control information cost and risk while increasing the value derived from it in order to significantly improve the profit margin on information.
The CPO is key in achieving those goals. In fact, the growing importance of the role of the CPO in the information governance function led the Electronic Discovery Reference Model (EDRM) to announce that its Information Governance Reference Model (IGRM) project now includes privacy and security as primary stakeholders in effective information governance.

Understanding Information's Value

Achieving a healthy information economy, where the value of information is greater than its costs and potential risks, starts with the ability to accurately identify information value. The difficulty with this is that the value depends on a variety of factors, such as the type of information, its stakeholders, the company's industry, its geographic location, and the duration of customer and product life cycles. For example, email (a type of information) may lose its business value very quickly but be relevant to regulators (one of the stakeholders, determined by industry and geographic location) for three years. As for product life cycles, design information for products with a short market lifespan, such as consumer electronics, is useful for a much shorter period of time than design information for products, such as aircraft engines, that are used for decades. Yet, in both cases, the length of time that back-office information is of value is likely similar. Meanwhile, information that is deemed to be clearly valuable can be extremely risky to hold on to. For example, marketing often wants to save all personal customer information in order to extract business value from it over the long, but this often conflicts with new privacy requirements.

Aucun commentaire:

Publier un commentaire