In today's information-driven economy, it's not enough for organizations to say 'we know what our information risks are.' The newspapers are filled with stories about how improper management and control of information have led to regulatory fines, sanctions, reputation damage and loss of customer trust.
Readers of this paper will learn about:
• controls that can be put in place to manage information-related risks effectively
• a suggested risk-rating system for capturing the current status of your organization's environment
• the roles and responsibilities individuals in your organization may have with respect to risk and compliance
• overall suggestions for best practices for information management and a control framework.