Custom Search

Information Management For Mid Market Enterprises

What is Information Management?

Information Management in the mid market space and the mid enterprise space enabling an organisation to most effectively deliver it's products and services to it's clients and users so it's seen as an IT function but in reality it's a business function it's knowing how an individual department will create, use, store, maintain the information in its remit, how that information is shared so its an all encompassing information flow throughout the organisation and it needs to be seen like that, it's an iatrical part of the business process therefore developing an enterprise architecture without understanding the information flow and the information architecture you're always going to be missing a critical piece.

How do I define an information asset?

An information asset as with any business asset has to have value it's also important to recognise that it's a corporate asset and not an individual asset therefore they may be custodians of it, they may create it they may be responsible for it but unless it is shared and used by the business as a whole as a creation of wealth by that organisation it isn't really an asset it's actually a liability. Therefore we've got to consider does it cost more to create and retain this piece of information and is the information known to the rest of the organisation, we see an awful lot of repeat work being carried out by different departments there's a lot of confusion over which piece of information is correct and if you don't know what's driving the decision because you're using the wrong information that it's actually a real liability to an organisation.

What are the key challenges of Information Management?

The main challenge of information management is making sure you're joined across the organisation, you understand the work flow, you understand the business process that is generating that information so it is not one department's responsibility it's an organisational one, therefore if you're not concerned about how your data is being backed up or you as an IT department are backing up data in groups without real knowledge of what's sat there then you have an information management challenge to overcome, in this case I'd recommend engaging with your CEO and saying we need to have an asset information management policy document that makes it very clear what information is available, who's responsible, what shouldn't be created and that then will define privacy laws retention requirements under various regulations and you're then mapping to a policy rather than mapping to an IT perception of what may or may not be required and it's very common to fund IT departments backing things up and when challenge what the users need it for, why they need it, not so clear on why more a case of it being best practice, my recommendation would be to get an advocate to sit in with the departmental meeting and understand how and their challenges around Information Management and then it becomes end to end.

What is structured and unstructured data?

There are some schools of thought that believe that with enough money you can put structure into anything, in reality mid market organisations are not going to spend a great amount of money and time analyzing a word document to get something called the ultimate truth so in reality, unstructured data is the files, office documents, PDF's, images that all reside on things like file systems where the content is open to interpretation either in its creation or in its reading so structured data tends to be more associated with data bases so there's a very fixed rule that says a certain piece of information will always be in this field. You can have poorly written applications that make a nonsense of that statement and you still get confusion, however in reality when you're looking at unstructured data you're looking at those files that are irregular, so email for example is turned to semi structured because it has some code that is always the same now that may just be the words hello and goodbye because it's a conversation and not really a document as such but keeping the two separate actually you're missing the point of information management, information os stored across the business it can be unstructured but knowing the business truth, what is your master data, where is it stored and where should everyone go for that is key to understand. If you have unstructured data where there's multiple versions of the truth that's where confusion lies for the business.

What is Information Lifecycle Management (ILM)?

ILM or information lifecycle management is typically IT's response to the growing storage pressure that they are seeing so at the 120% growth per annum there's going to be a significant proportion of that data that is unused so with tools to analyse the system they can see what hasn't been used for the last six month and move that down to a lower tier of storage by doing that however you are continuing the gap you have with the business unit you're supporting. You don't really know whether the information you're moving down onto this lower tier should actually be kept by the organisation it's important to understand that there are requirements to occasionally delete information and by continuing the amount of information that's under a department's remit if that continues to grow their ability to then know where their data is also challenged so you become more reliant on people's memory of where things are rather than a clear policy of the business process, this is the workflow and this is the information that's created from it my recommendation for any company that has that type if ILM system is it's never going to be redundant it's worth maintaining but reengage the business and say, this is the data that's in care at the moment what should be here and evolve that system moving forwards so that it is correctly privatized, it isn't in the big departmental bucket because there are different responsibilities within an organisation department and you can have and should have different document requirements to reflect that.

What is archive data?

Its important for IT departments to recognise what an archive is for it's there to generate an image of a business at a particular point in time therefore many organisations that take a copy of the back up cycle out and put it in a safe for five years have missed the point because tying to store an image at that point in time is very complex you have to understand the application, you have to understand the data and where exactly it is and if you're looking at unstructured data the person who created it may no longer be in the organisation so it's important to go back and say why do I have an archive at that point you can go back and say ok, the image that I want is of this section of data if that can be independent of the application then you're not tied down to maintaining old legacy systems you can actually view it in isolation for the auditors or regulators or whoever needs to see this, it's an ongoing process but it isn't a part of back ups it is it's own separate process.

What is private data?

Data privacy is becoming more important as the IT world grows so it's important to understand what constitutes private data. Private data is anything that can identify you as an individual so your surname on it's own isn't going to identify you but your surname with your address, your telephone number, credit card details, that type of thing is going to identify you and it's going to put your information and who you are at risk. On top of that you're going to have sensitive private data so information that would cause adverse distress if it was used inappropriately and by that sensitive information includes sexual orientation, your health, political or religious believes so all of these things need to be protected managed within an organisation but again it's not in IT's responsibility to manage the data protection it is a business process of which they are a part of.

What regulations apply to data?

There are potentially thousands of rules and regulations that apply to the data within your organisation which is why its key to engage with an industry specialist to understand the nuances in each individual industry. However some of the more common ones like the data protection act in the UK and the tax laws there are industry regulations such as MIFED or barzil two in the banking industry MOPE in the police PCIDSS which is the protection of credit card information in the retail sector so there's lots of regulations so it's important not to get stuck on one because your business unit you're supporting will have a very good idea of what it's roles and responsibilities are so engage with them and talk to them to find out what rules apply and if they don't know it needs to be raised with your risk manager within your organisation because they definitely need an understanding of it because they're managing your system within an industry and failure within an industry can lead to very bad press and often the ending of your business within that industry.

What are the principles of the Data Protection Act?

The data protection act is the UK's implantation of EU law around the privacy of an individuals information so the most current information is available from information commissioners office however there are eight principles that guide your usage and retention of information and private information, is it lawful is first, is it for a purpose that is clearly deifned and understood by the end user, is it current, is it accurate, is it retained within the EU or are you shipping that data out to an organisation that may not have the same standards as the EU in which case you've got to be very clear on what the information is and how it's being passed out making sure it's only for the purpose and it's recognised by the individual for the purpose by which it was given so if you're providing information for a sale you understand how that's being used if that system is then cloned and put into a test and development system and the end user isn't really aware that that's the purpose for him providing you with the information and also with outsourcing of test and development to off country then you run a real risk of exposing yourself to he data protection act because you're retaining the private information within that clone but it no longer has the same restrictions and very often it is not secured adequately to the same level that your production system s and there's real risk there of data loss and exposure to fines.

How do I privatise data and when do I use it?

With any data sharing it's important to understand why that data is being shared, so with the correct information assets management policy you know that by passing the information onto another organisation the reason you're doing that so by understanding why you're doing that you can also then look at the document and say actually is this adequate for the purpose that we're sharing or is there more information than I really need to share at that point you say to I redact the data if it's a document so white out the relevant pieces of information that they may not need access to, if it's a database then privatizing the information that basically ammonizes the individual still has the context of the database, they're still able to test and do the development on that but it's no longer going to identify any of the individuals and therefore it is private. So first of all you need to establish the reason then establish whether they need to see it in its original format if they don't and then there's a real value in ammonizing it. How you anatomize it is then a challenge if you encrypt the data so it's scrabbled information very often in test and development you find that users concentrate on the scrabbled data as an error rather than focusing on the functionality that's being built in so data ammonization and data privatization techniques that act at the record level keep consistency across the system as you present it out improves the user experience and actually makes testing more effective and you're no longer worried about the privacy issues that it entails.

How do I change Information Management practice?

The key thing to remember as an IT department assisting an organisation to change it's information management policy you have to make the end user experience effectively easier it's got to be not harder than before and preferably you'll improve the experience for them and remove pain points from their process for example currently a lot of information shared by email has a lot of risk entailed because you have multiple copies you no longer have the single version multiple updates take place and you have the security risk of who has control of this document to the end point security is an issue, but at the moment email is an easy way to share information so by clicking on a document and adding it with a number of users that you wish to share that with its don't and dusted and you've pushed it out to the organisation so how do you share information effectively and take away that policy problem, so one way would be to set up a team room or something like that where you end up controlling the document from a single point where everyone there can view that and this is going to become more critical as web 2.0 and collaboration improve and users expect to be able to get to information more rapidly, if it's spread out throughout an organisation they are going to have issues so pull it back in and improve their experience and they'll join you on your journey to improve their information management policies.

By: Erica.Soundimage

Article Directory: http://www.articledashboard.com

GuruOnline has answers to your Information Management questions, all in bite-sized videos.

Misc
Print This Article
Add To Favorites
Email to Friends
Ezine Ready
Sponsored Links
Join Our Community
Sign Up for an account or learn more.
Article Dashboard Authors
Submit Articles
Member Login
Submission Guidelines
Article RSS Feeds
Site Information
About Us
Link to Us
Contact Us
Privacy Policy
Terms of Service
Favicon Generator

© 2005-2011 Article Dashboard