Phone: 650-474-0955


Jan 30

Information - Governance, Risk and Compliance – GRC - Part 2

Information - Governance, Risk and Compliance – GRC - Part 2 In my last post about governance, risk, and compliance, I have described why information governance is important and where to begin with the information governance. Today, I will describe what needs to be considered in information governance polices and will give some recommendations.   What needs to be considered in information governance polices?   Government mandates - If you are in a regulated industry, you need to consider first and foremost government mandates such as GMP/GxP, ISO 9001. You need to make sure that your documents management and IT are compliant with these requirements.   Proliferation of content - there has been explosive growth in the creation and collection of content by organization and individuals. Content is stored in CMS, data warehouses, physical warehouses, desktop computers, file shares, back-up archives, mobile devices, cloud services, employees personal computers and other devices such as tablets, smart phones, etc. To complicate matters this information is also geographically disbursed. Read more
Add CommentViews: 4477
Jan 28

Information - Governance, Risk and Compliance – GRC - Part 1

Information - Governance, Risk and Compliance – GRC - Part 1 Governance is about securing the information and also about using information for greater value. People don’t talk much about value of information but information is strategic asset of a company.   What makes a company great among other things is the ability to take information and use it as an asset. Information is what drives an organization, whether it is through development of new drugs, new products, looking into new geographic regions to expand to, etc.   Governance is like an insurance policy that you feel like you are paying for nothing, until you need it. You don’t know when and if an “accident” will happen and you don’t know how big it will be, but when it does happen, you are very happy that you have that insurance policy. Until then you resent having to pay for it. Governance which is controls is your insurance policy. Read more
Add CommentViews: 2412
Aug 10

E-Discovery and Records Management

E-Discovery and Records Management Discovery is the pre-trial phase in a lawsuit in which each party can request documents and other evidence from opposing parties. E-discovery deals with discovery of electronically stored information (ESI), including documents and e-mails.   E-Discovery preparedness makes it imperative for organizations to develop an enterprise wide strategy to manage the volume of electronic information. The discovery process affects many individuals in an organization, not just lawyers and others involved in discovery, but also IT professionals and records managers, who have to be prepared to produce electronic content for discovery and litigation.   For legal counsel, it means having a review process to determine what discovered content is relevant to the case. For an IT person, it means restoring backup tapes to show evidence on file shares, content management systems, e-mail systems, or other applications. But for records managers, this work will have begun long before any lawsuit with managing records for retention, placing legal holds, and finalizing disposition.   Read more
Add CommentViews: 2460