Download Flyer Request e-Inspection Copy

Information Governance and Assurance: Reducing risk, promoting policy


This comprehensive textbook discusses the legal, organizational and ethical aspects of information governance, assurance and security and their relevance to all aspects of information work.
Information governance describes the activities and practices which have developed to control the use of information, including, but not limited to, practices mandated by law. In a world in which information is increasingly seen as a top-level asset, the safeguarding and management of information is of concern to everyone. From the researcher who is responsible for ethical practices in the gathering, analysis, and storage of data, to the reference librarian who must deliver unbiased information; from the records manager who must respond to information requests, to the administrator handling personnel files, this book with equip practitioners and students alike to implement good information governance practice in real-world situations.
Key topics covered include:

  • Information as an asset
  • The laws and regulations
  • Data quality management
  • Dealing with threats
  • Security, risk management and business continuity
  • Frameworks, policies, ethics and how it all fits together.

Readership: Fully supported by examples, discussion points and practical exercises, this is essential reading for everyone who needs to understand, implement and support information assurance policies and information governance structures. It will be particularly valuable for LIS students taking information management and information governance courses, and information professionals with an advisory or gatekeeping role in information governance within an organization.

1. Introduction

  • Rationale
  • Data and information
  • Information as an asset
  • Where is our information?
  • Threats
  • Standards, frameworks and a framework for information governance and assurance
  • Policy
  • Assurance
  • How to use this book

2. The laws and regulations

  • Introduction
  • A standard for records
  • The Information Commissioner's Office
  • The Freedom of Information Act 2000
  • Data protection
  • Environmental Information Regulations (EIR)
  • Policy
  • The role of the information professional
  • Discussion points
  • Conclusion
  • References

3. Data quality management

  • Introduction
  • What is data quality?
  • Dimensions of data quality
  • A different perspective
  • Example
  • Data quality tools
  • Products versus processes
  • Data silos
  • Master data management (MDM)
  • Single customer view
  • Further library examples
  • Data quality policy/strategy
  • The role of the information professional in data quality management
  • Discussion points
  • Conclusion
  • References

4. Dealing with threats

  • Introduction
  • Internal threats
  • External threats
  • The law
  • Policy
  • Exercise
  • Conclusion
  • References

5. Security, risk management and business continuity

  • Introduction
  • The security environment
  • Strategy and tactics
  • Standards – the ISO 27000 series
  • Practical measures
  • Risk management
  • Business continuity management (BCM)
  • Policy
  • Exercises
  • Conclusion
  • References

6. Frameworks, policies, ethics and how it all fits together

  • Introduction
  • Moving from standards to frameworks
  • The information governance and assurance framework in operation
  • Ethics
  • The role of the information professional in the information governance and assurance framework
  • Discussion points
  • Conclusion
  • References
  • Discussion points and exercises
  • Index

Dr Alan MacLennan is Course Leader for the MSc in Information Management at Robert Gordon University, UK and teaches modules in Databases, Networking and Records Management on the course. His teaching areas span both "traditional" librarianship - cataloguing to AACR2R2 and MARC, and some classification - and topics in the forefront of today's Information revolution, such as networking, the Internet, the World Wide Web and HTML authoring and page design. He completed a postgraduate diploma and linked Master's in Librarianship and Information Studies at Robert Gordon University and has been lecturing since 1993.

"This is one of the few books that brings together the concepts of records and information management and information security and is a really solid introduction to the way in which the various information disciplines, whether concerned with security and protection or reuse and optimisation, need to come together to ensure that information remains useful yet is appropriately secured to minimise risk."

Records Management Journal

The book is written in a clear, concise and readable style. The text includes appropriate and interesting case study examples in places, and the exercises and discussion points would make it useful for a small group to work together.


You might also be interested in..

« Back