The information audit. What’s that?
What information do you have and how do you look after it?
I have become increasingly vocal about organisational risk analysis relating to data.
As part of any risk analysis strategy, knowing what data is held by a company, where it is and who has access to it are three fundamental questions.
Easy right? Well is it?
Call it data mapping, an information audit or something more multi-syllabic if you want to, this really still boils down to some simple questions:
- What data do you have?
- Where is it?
- Is it on paper?
- Do you know where ALL of it is?
- How do you know?
- Should you even be keeping it (Data Protection Act 2018, i.e. GDPR)?
And what do other people in your organisation do with data?
Do they have their own data repositories (or should we call them hoards!)?
Do you know what they have… for instance, do people store work data in their:
- Personal home devices like PCs?
- Any PII?
- Is there any encryption?
Simple company policy guidelines, such as enforcement of work data only being stored centrally (think fileserver, SharePoint and Google drive as examples) can significantly reduce the headaches of data locations.
Do you need to keep it?
Are you just being lazy and holding on to it “just in case”? Ask the question again. Are you allowed to keep it? What would happen if it was hacked or lost?
The benefits of such an analysis include: truly understanding what is required to safeguard your organisation’s information: the financial cost. The resources needed.
An information management checklist: what tasks need to be undertaken? How frequently? You might even put together a time table and (Heavens to Betsy!) put it in a calendar; even delegating some of the tasks… (I am getting too excited…).
Tidy mind syndrome: if you know what you have and where it is – it’s a big win for productivity.
If you are audited by the ICO or some other regulatory authority guess what: your work is done! If you have approached this process conscientiously and comprehensively you will be able to answer any question with ease…