Total Information Risk Management : Maximizing the Value of Data and Information Assets.
Title:
Total Information Risk Management : Maximizing the Value of Data and Information Assets.
Author:
Borek, Alexander.
ISBN:
9780124058613
Personal Author:
Physical Description:
1 online resource (315 pages)
Contents:
Front Cover -- Total Information Risk Management: Maximizing the Value of Data and Information Assets -- Copyright -- Dedication -- In praise of Total Information Risk Management: Maximizing the Valueof Data and Information Assets -- Contents -- Acknowledgments -- Foreword by Thomas C. Redman -- Foreword by John Ladley -- About the Authors -- Introduction -- WHAT IS TOTAL INFORMATION RISK MANAGEMENT? -- PURPOSE OF THIS BOOK -- INTENDED AUDIENCES -- STRUCTURE OF THIS BOOK -- HOW TO USE THIS BOOK -- WHAT IS THE VALUE OF READING THIS BOOK? -- SUMMARY -- Part 1 Total Information Risk Management Background -- Chapter 1 Data and Information Assets -- WHERE NAPOLEON MEETS MICHAEL PORTER: DATA AND INFORMATION ARE ASSETS -- HOW DATA AND INFORMATION HAVE BECOME THE MOST IMPORTANT ASSETS OF THE 21ST CENTURY -- WHAT ARE DATA AND INFORMATION ASSETS? -- THE ANALOGY TO TRADITIONAL MANUFACTURING: HOW RAW DATA IS TRANSFORMED INTO INFORMATION PRODUCTS -- LIFE CYCLE OF DATA AND INFORMATION ASSETS -- QUALITY OF DATA AND INFORMATION ASSETS -- HOW DATA AND INFORMATION ASSETS INFLUENCE ORGANIZATIONAL SUCCESS -- WHY WE NEED BETTER METHODS TO UNDERSTAND AND MEASURE THE IMPACT OF DATA AND INFORMATION QUALITY -- REFERENCES -- Chapter 2 - Enterprise Information Management -- WHAT IS ENTERPRISE INFORMATION MANAGEMENT? -- BIG DATA AND HOW IT REQUIRES NEW THINKING IN EIM -- FURTHER CHALLENGES FOR EIM -- SUMMARY -- REFERENCES -- Chapter 3 - How Data and Information Create Risk -- INTRODUCTION -- INTRODUCTION TO THE ANATOMY OF INFORMATION RISKS -- SOURCES OF INFORMATION RISK -- DIFFERENT WAYS TO MITIGATE INFORMATION RISK -- THE UPSIDE OF INFORMATION RISK -- THE CASE FOR QUANTIFYING INFORMATION RISK -- WHY RISK MANAGEMENT BECOMES IMPORTANT FOR INFORMATION MANAGEMENT -- REFERENCES -- Chapter 4 - Introduction to Enterprise Risk Management -- INTRODUCTION -- WHAT IS RISK?.
WHAT IS ENTERPRISE RISK MANAGEMENT? -- WHAT IS THE GENERIC RISK MANAGEMENT PROCESS? -- ASSESSMENT OF RISK -- RISK APPETITE AND RISK CRITERIA -- TREATMENT OF RISK -- CHIEF RISK OFFICER -- SUMMARY -- REFERENCES -- Part 2 Total Information Risk Management Process -- Chapter 5 Overview of TIRM Process and Model -- INTRODUCTION -- WHAT DOES THE WORD TOTAL STAND FOR IN TIRM? -- STAGES OF THE TIRM PROCESS -- COMMUNICATE AND CONSULT -- MONITOR AND REVIEW -- TIRM MODEL: QUANTIFYING INFORMATION RISK -- DETERMINING RISK APPETITE FOR TIRM -- SUMMARY -- REFERENCES -- Chapter 6 - TIRM Process Stage A: Establish the Context -- INTRODUCTION -- TIRM PROJECT KICKOFF -- STEP A1: SET THE MOTIVATION, GOALS, INITIAL SCOPE, RESPONSIBILITIES, AND CONTEXT OF THE TIRM PROCESS -- STEP A2: ESTABLISH THE EXTERNAL ENVIRONMENT -- STEP A3: ANALYZE THE ORGANIZATION -- STEP A4: IDENTIFYING BUSINESS OBJECTIVES, MEASUREMENT UNITS, AND RISK CRITERIA -- STEP A.5: UNDERSTAND THE INFORMATION ENVIRONMENT -- SUMMARY -- REFERENCES -- Chapter 7 - TIRM Process Stage B: Information Risk Assessment -- INTRODUCTION -- STEP B1: ANALYZE TASKS IN EACH BUSINESS PROCESS -- STEP B2: EXAMINE INFORMATION NEEDED FOR EACH TASK -- STEP B3: IDENTIFY INFORMATION QUALITY PROBLEMS DURING TASK EXECUTION -- STEP B4: IDENTIFY CONSEQUENCES OF INFORMATION QUALITY PROBLEMS -- STEP B5: IDENTIFY FOR EACH CONSEQUENCE THE BUSINESS OBJECTIVES THAT ARE AFFECTED -- STEP B6: EXAMINE EXISTING RISK CONTROLS -- STEP B7: ESTIMATE LIKELIHOOD AND IMPACT OF EACH CONSEQUENCE -- STEP B8: REFINE NUMBERS AND VERIFY RESULTS -- STEP B9: EVALUATE AND RANK INFORMATION RISKS -- SUMMARY -- Chapter 8 - TIRM Process Stage C: Information Risk Treatment -- INTRODUCTION -- STEP C1: ANALYZE CAUSES OF INFORMATION QUALITY PROBLEMS -- STEP C2: IDENTIFY AND DESCRIBE TREATMENT OPTIONS -- STEP C3: ESTIMATE COSTS, BENEFITS, AND RISKS OF TREATMENT OPTIONS.
STEP C4: EVALUATE AND SELECT TREATMENT OPTIONS -- STEP C5: COMMUNICATE THE RESULTS TO STAKEHOLDERS -- STEP C6: DEVELOP INFORMATION RISK TREATMENT PLANS -- STEP C7: IMPLEMENT INFORMATION RISK TREATMENT PLANS -- STEP C8: VERIFY EFFECTIVENESS OF INFORMATION RISK TREATMENTS -- SUMMARY -- REFERENCES -- Chapter 9 - Integrating the TIRM Process within the Organization -- INTRODUCTION -- ROLES AND RESPONSIBILITIES FOR TIRM -- THE RELATIONSHIP BETWEEN TIRM AND EIM -- TIRM INTEGRATED WITH ERM -- SUMMARY -- REFERENCES -- Chapter 10 - TIRM Process Application Example -- INTRODUCTION -- STAGE A: ESTABLISH THE CONTEXT -- STAGE B: INFORMATION RISK ASSESSMENT -- STAGE C: INFORMATION RISK TREATMENT -- SUMMARY -- Part 3 Total Information Risk Management Techniques -- Chapter 11 Risk Assessment Techniques for TIRM -- INTRODUCTION -- BRAINSTORMING -- SEMI-STRUCTURED AND STRUCTURED INTERVIEWS -- DELPHI METHOD -- CHECKLISTS -- MONTE CARLO SIMULATION -- RISK INDICES -- STRUCTURED "WHAT IF" TECHNIQUE -- SCENARIO ANALYSIS -- FN CURVES -- ROOT CAUSE ANALYSIS -- FAILURE MODE EFFECT AND CRITICALITY ANALYSIS -- FAULT-TREE ANALYSIS -- BOW-TIE DIAGRAMS -- RISK MATRIX -- SUMMARY -- Chapter 12 - Software Tools: Automated Methods for TIRM -- INTRODUCTION -- AUTOMATING THE UNDERSTANDING THE INFORMATION ENVIRONMENT STEP -- IDENTIFY INFORMATION QUALITY PROBLEMS DURING TASK EXECUTION -- INFORAS: A RISK ANALYSIS TOOL COVERING STAGE B OF TIRM -- SOFTWARE TOOLS FOR DETECTING AND TREATING INFORMATION RISKS -- CONCLUSION -- REFERENCE -- Chapter 13 - Establishing Organizational Support and Employee Engagement for TIRM -- INTRODUCTION -- ESTABLISH ORGANIZATIONAL SUPPORT AND CHANGING ORGANIZATIONAL CULTURE -- EMPLOYEE ENGAGEMENT IN TIRM -- SUMMARY -- REFERENCES -- Part 4 Conclusion -- Chapter 14 Conclusions and Outlook -- Index.
Abstract:
How well does your organization manage the risks associated with information quality? Managing information risk is becoming a top priority on the organizational agenda. The increasing sophistication of IT capabilities along with the constantly changing dynamics of global competition are forcing businesses to make use of their information more effectively. Information is becoming a core resource and asset for all organizations; however, it also brings many potential risks to an organization, from strategic, operational, financial, compliance, and environmental to societal. If you continue to struggle to understand and measure how information and its quality affects your business, this book is for you. This reference is in direct response to the new challenges that all managers have to face. Our process helps your organization to understand the "pain points" regarding poor data and information quality so you can concentrate on problems that have a high impact on core business objectives. This book provides you with all the fundamental concepts, guidelines and tools to ensure core business information is identified, protected and used effectively, and written in a language that is clear and easy to understand for non-technical managers. Shows how to manage information risk using a holistic approach by examining information from all sources Offers varied perspectives of an author team that brings together academics, practitioners and researchers (both technical and managerial) to provide a comprehensive guide Provides real-life case studies with practical insight into the management of information risk and offers a basis for broader discussion among managers and practitioners.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
Genre:
Electronic Access:
Click to View