1 / 64

Digital Continuity: An introduction

Digital Continuity: An introduction. Digital continuity…. The ability to use your information in the way you need for as long as you need. Information is usable if you can…. Find it when you need it Open it as you need it Work with it in the way that you need to

hammer
Download Presentation

Digital Continuity: An introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Digital Continuity:An introduction

  2. Digital continuity… The ability to use your information in the way you need for as long as you need

  3. Information is usable if you can… • Find it when you need it • Open it as you need it • Workwith it in the way that you need to • Understand what it is and what it’s about • Trust that it is what it says it is

  4. It does make the headlines…

  5. We haven’t made this up… • “Any electronic data degrades over time. Some of this information is more than 20 years old. I'm not even sure that the xxx still has the tools needed to retrieve data from that era. You're talking about technology that would qualify as museum pieces now.” • “The transition to the new system has, however brought to light discrepancies in our existing records and this is resulting in a number of incorrect notices being issued. “ • “The only evidence beyond surmise that Dept X rely upon to support their assertion that the document is not held, is their failure to locate it. “ • “Transfer of records from Dept Y to Depts Z and A has resulted in two scenarios that have effectively rendered metadata captured in the EDRMS as lost.”

  6. Digital information is vulnerable… • Risks are inherent in change • Organisational change • Technology change • Process and policy change in how information is managed

  7. The impact of change… • information ownership becomes unclear - risks are missed or unmanaged • information is not disposed of appropriately • information is not migrated to new technologies effectively • information is trapped in legacy IT systems – or locked in a format that can’t be opened or used • information is no longer understood by the organisation – or cannot be trusted

  8. Why it matters… • Efficiency and effectiveness • Transparency and accountability • Managing information risk

  9. Managing digital continuity… Plan for action Define what you need Assess and manage risks Maintain digital continuity

  10. The Digital Continuity Service… • Guidance • Risk Assessment Self-Assessment Tool • Procurement Framework • DROID

  11. Stage 1: Planning

  12. Managing digital continuity… Plan for action Define what you need Assess and manage risks Maintain digital continuity

  13. Plan for Action… • Key roles understand risk and responsibilities • SRO for digital continuity • Multi-disciplinary team • Embed approach in business as usual

  14. Role of the SRO… • Champion digital continuity • Lead action to manage risk and embed • Co-ordinate across disciplines • Prioritise resources • Escalate issues

  15. Introducing DoRA… • You are the SRO • Who do you need to be involved in managing digital continuity? • What are their drivers for taking action?

  16. Roles and responsibilities… • SIRO and information risk management • IAOs • Information assurance • Information management • Information technology • Change and project management

  17. Stage 2: Define Requirements

  18. Managing digital continuity… Plan for action Define what you need Assess and manage risks Maintain digital continuity

  19. Technical Environment Information Assets Digital Continuity Business Needs

  20. Technical Environment Information Assets Digital Continuity Business Needs

  21. Technical Environment Information Assets Business Needs

  22. Technical Environment Information Assets Business Needs

  23. Technical Environment Information Assets Business Needs

  24. Technical Environment Information Assets Business Needs

  25. Technical Environment Information Assets Business Needs

  26. Understand what information you have and how it’s managed… • What information do you have? • Where is it? • How is it organised and managed? • Have you defined all your information assets?

  27. Understand what information you have and how it’s managed… • An information asset is a body of information defined and managed as a single unit so that it can be understood, shared, protected and exploited effectively

  28. Understand how you need to use your information… • Who needs to be able to find it? • What do they need to be able to open it? • How do they need to work with it? • Can they understand what it is and what it is about? • Can they trust that it is what they think it is?

  29. Understand your technical environment… • What IT systems do you have? • What is their lifecycle? • What hardware are they reliant on? • What is their lifecycle? • What file formats is your information in? • What storage media are you using?

  30. Define what you need for digital continuity… Usable = complete + available

  31. Documenting what you know… • Information Asset Register • Configuration Management Database • Maintenance as important as capture

  32. Understanding DoRA… • You have to build an: • Information Asset Register • Configuration Management Database • What information do you need to capture? • How can you maintain the relationships between the information assets and technology?

  33. IAR CMDB • Name and description • Owners and users • Retention period • Usability requirements • Technology dependencies • Lifecycle • Support and warranties • Dependencies and relationships • Owners and users • Information assets

  34. Over lunch…. • Questions • Confessions • DROID demo

  35. Stage 3: Risk Assessment

  36. Managing digital continuity… Plan for action Define what you need Assess and manage risks Maintain digital continuity

  37. Technical Environment Information Assets Digital Continuity Business Needs

  38. Identify your risks (and opportunities)… • Do you know what information you have, where it is, what it’s for? • Does the way you manage your information and IT environment keep your information usable as you need? • Are there opportunities to get rid of information and technology you don’t need?

  39. Risk assessment… • You can assess your whole organisation • You can assess risks to particular assets – perhaps at point of change • Regularly review and update risk assessments

  40. Risk assessing DoRA… • What risks to digital continuity is DoRA facing? • How can you mitigate against them? • Can you identify just FIVE mitigations to address all of the risks you’ve found? • Feedback: What is your highest priority mitigation and what risks will this address?

  41. Mitigation strategies… • Change your : • technology • information • policies and procedures • Governance • And test for continuity

  42. Stage 4: Maintaining

  43. Managing digital continuity… Plan for action Define what you need Assess and manage risks Maintain digital continuity

  44. Maintain your digital continuity… • Plan for change • Build your digital continuity and usability requirements into your plans and processes • Manage your IT and information for future flexibility and agility • Manage digital continuity through change • Change Projects to assess impact on information

  45. Technology Change at DoRA… • Supplier is withdrawing support for BlackHole 2.0. • Three choices of what to do now: • Keep using the legacy system • Buy an off-the-shelf product • Build another bespoke system • Assess the risk to digital continuity of your information from each option • Identify potential mitigations in each case • Feedback - Decide what option you would choose and why

  46. Assessing the risks… • Legacy technology hard to maintain – risks increase over time • Bespoke technology becomes legacy eventually • Bespoke technology requires specialist knowledge to maintain • Off-the-shelf may not meet all business needs • Off –the-shelf might still bring interoperability issues – can you migrate data in?

  47. Organisational change at DoRA… Review of ALBs prompts reorganisation of DoRA with its agencies being closed, transferred or merged. • Assess the risks to digital continuity from these changes • Identify possible mitigations in each case • Decide how you will tackle the operational process of managing this change • Feedback – what are the key elements of your action plan?

  48. Managing change … • Think about prevention and preparation for change • Manage the process • Learn lessons • Key things to remember: • Ownership • Usability requirements • Relationships between technology and information • Knowledge and skills needed • Mapping policies and procedures • Maintaining governance

More Related