![]() ![]() The following list describes some general areas of responsibility. Everyone should be subject to the organization’s security policy, including employees, management, consultants, and vendors. This will be a tremendous help when dealing with any security issues. There must be a clear division of roles and responsibility. Process-This includes methods and tools used to transmit or modify the data.ĭata security requires responsibility. As examples, you must retain tax records for a minimum number of years, while you may only retain customers’ for only the time it takes to process a single transaction. As an example, social security numbers, data of birth, medical history, etc.Įnsuring Law/Legal Compliance-This includes items related to legal compliance. ![]() Sensitivity-This includes issues related to the sensitivity of data that should be protected against unwarranted disclosure. Liability-This refers to the financial and legal costs an organization would bear should data be lost, stolen, or hacked. This is why users pay for a software license and not the ownership of the software itself, and typically have only the compiled “.exe” file and not the source code itself. As an example, you may be the custodian of fifty copies of Microsoft Windows Server 2012 yet the code is owned by Microsoft. Ownership-This includes concerns as to who owns the data or who might be a custodian. To improve the security of data, including confidentiality, integrity, and availabilityĬost-This can include the cost of providing access to the data as well as the cost to protect it. To ensure that once data are located, users have enough information about the data to interpret them correctly and consistently To establish appropriate responsibility for the management of data Such specifications can involve directives for business process management (BPM) and enterprise risk planning (ERP), as well as security, data quality, and privacy. Data governance programs generally address the following types of data: A data governance policy is a documented set of specifications for the guarantee of approved management and control of an organization’s digital assets and information. Generally you can think of policies as high-level documents developed by management to transmit the guiding strategy and philosophy of management to employees. Today, electronic data might be found on thumb drives, SAN storage arrays, laptop hard drives, mobile devices, or might even be stored in a public cloud. Years ago, people only had to be concerned with paper documents and control might have only meant locking a file cabinet. Learn More Buy Data Management: Determine and Maintain Ownershipĭata management is not easy and has only become more complex over the last ten to fifteen years. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |