1st Edition

Information Governance and Assurance Reducing risk, promoting policy

By Alan MacLennan Copyright 2014
    192 Pages
    by Facet Publishing

    This comprehensive textbook discusses the legal, organizational and ethical aspects of information governance, assurance and security and their relevance to all aspects of information work.

    Information governance describes the activities and practices which have developed to control the use of information, including, but not limited to, practices mandated by law. In a world in which information is increasingly seen as a top-level asset, the safeguarding and management of information is of concern to everyone. From the researcher who is responsible for ethical practices in the gathering, analysis, and storage of data, to the reference librarian who must deliver unbiased information; from the records manager who must respond to information requests, to the administrator handling personnel files, this book with equip practitioners and students alike to implement good information governance practice in real-world situations.

    Key topics covered include:

    Information as an asset

    The laws and regulations

    Data quality management

    Dealing with threats

    Security, risk management and business continuity

    Frameworks, policies, ethics and how it all fits together.

    Readership: Fully supported by examples, discussion points and practical exercises, this is essential reading for everyone who needs to understand, implement and support information assurance policies and information governance structures. It will be particularly valuable for LIS students taking information management and information governance courses, and information professionals with an advisory or gatekeeping role in information governance within an organization.


    1. Introduction Rationale Data and information Information as an asset Where is our information? Threats Standards, frameworks and a framework for information governance and assurance Policy Assurance How to use this book 2. The laws and regulations Introduction A standard for records The Information Commissioner’s Office The Freedom of Information Act 2000 Data protection Environmental Information Regulations (EIR) Policy The role of the information professional Discussion points Conclusion References 3. Data quality management Introduction What is data quality? Dimensions of data quality A different perspective Example Data quality tools Products versus processes Data silos Master data management (MDM) Single customer view Further library examples Data quality policy/strategy The role of the information professional in data quality management Discussion points Conclusion References 4. Dealing with threats Introduction Internal threats External threats The law Policy Exercise Conclusion References 5. Security, risk management and business continuity Introduction The security environment Strategy and tactics Standards – the ISO 27000 series Practical measures Risk management Business continuity management (BCM) Policy Exercises Conclusion References 6. Frameworks, policies, ethics and how it all fits together Introduction Moving from standards to frameworks The information governance and assurance framework in operation Ethics The role of the information professional in the information governance and assurance framework Discussion points Conclusion References Discussion points and exercises Index


    Alan MacLennan