Presentation is loading. Please wait.

Presentation is loading. Please wait.

© May not be reproduced without permission of Financial Ombudsman Service Ltd 1 what is “information risk” and what should we be doing about it? Christina.

Similar presentations


Presentation on theme: "© May not be reproduced without permission of Financial Ombudsman Service Ltd 1 what is “information risk” and what should we be doing about it? Christina."— Presentation transcript:

1 © May not be reproduced without permission of Financial Ombudsman Service Ltd 1 what is “information risk” and what should we be doing about it? Christina Somovilla & Aynsley Taylor

2 © May not be reproduced without permission of Financial Ombudsman Service Ltd 2 the Financial Ombudsman Service  established by the Financial Services and Markets Act 2000  funded by the financial services industry  complaints about regulated financial services and products  can be brought by individuals and some small businesses  we are now around ten times the size we were at the beginning  started out in one building, we now occupy four

3 © May not be reproduced without permission of Financial Ombudsman Service Ltd 3 the Financial Ombudsman Service

4 © May not be reproduced without permission of Financial Ombudsman Service Ltd 4 the big issues  41% of organizations are not confident that their electronic information is “accurate, accessible, and trustworthy” AIIM Research, 2013  government and third sector lose £29bn a year through poor information management EDM group research, 2013

5 © May not be reproduced without permission of Financial Ombudsman Service Ltd 5 In the public imagination

6 © May not be reproduced without permission of Financial Ombudsman Service Ltd 6 defining “information risk”  understanding information as a key business asset  what value do we give it?  how does it compare to other business assets?

7 © May not be reproduced without permission of Financial Ombudsman Service Ltd 7 what are the risks?  two types of loss  failing to exploit what we have  not understanding its value  not understanding its nature

8 © May not be reproduced without permission of Financial Ombudsman Service Ltd 8 internal and external  our website  sharing directly with other organisations   publishing our decisions  our case-handling system  shared drives   intranet

9 © May not be reproduced without permission of Financial Ombudsman Service Ltd 9 analogue and digital  old wine in new bottles?  applying methodology to all media and formats  changing expectations of staff and customers  opportunities from digitising content

10 © May not be reproduced without permission of Financial Ombudsman Service Ltd 10 what we are doing There are 3 separate strands of work:  information security  information rights  information management…

11 © May not be reproduced without permission of Financial Ombudsman Service Ltd 11 what we are doing: information management  Aims  Find information quickly and easily  Know what information we’ve got and where it is stored  Sharing information appropriately  Reduce the volumes of information we hold

12 © May not be reproduced without permission of Financial Ombudsman Service Ltd 12 what we are doing: information management  Shared drive – what we had:  Unstructured information  Difficult to find information  Out of date  No ownership  Lots of duplication  Lots of personal data  Silos of information  No formal permission process

13 © May not be reproduced without permission of Financial Ombudsman Service Ltd 13 what we are doing: information management  Shared drive – what we did  Audit  File plan  Retention schedules  Access control  Local records officers  Shared spaces  Awareness raising  Monitoring

14 © May not be reproduced without permission of Financial Ombudsman Service Ltd 14 what we are doing: information management  Unfinished job!  Expansion = less control  Review of file plan  Surfacing “lost” information  More collaborative workspaces needed

15 © May not be reproduced without permission of Financial Ombudsman Service Ltd 15 what we want to do “information risk management”  evaluate information  identify risks  consider likelihood  consider impact  appropriate and proportionate action

16 © May not be reproduced without permission of Financial Ombudsman Service Ltd 16 what we want to do  information architecture  community of practice  join up with other projects and programmes  cultural change

17 © May not be reproduced without permission of Financial Ombudsman Service Ltd 17 Q&A


Download ppt "© May not be reproduced without permission of Financial Ombudsman Service Ltd 1 what is “information risk” and what should we be doing about it? Christina."

Similar presentations


Ads by Google