What is information risk and what should we be doing about it christina somovilla aynsley taylor
This presentation is the property of its rightful owner.
Sponsored Links
1 / 17

the Financial Ombudsman Service PowerPoint PPT Presentation


  • 137 Views
  • Uploaded on
  • Presentation posted in: General

what is “information risk” and what should we be doing about it? Christina Somovilla & Aynsley Taylor. established by the Financial Services and Markets Act 2000 funded by the financial services industry complaints about regulated financial services and products

Download Presentation

the Financial Ombudsman Service

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


What is information risk and what should we be doing about it christina somovilla aynsley taylor

what is “information risk” and what should we be doing about it?Christina Somovilla & Aynsley Taylor


The financial ombudsman service

established by the Financial Services and Markets Act 2000

funded by the financial services industry

complaints about regulated financial services and products

can be brought by individuals and some small businesses

we are now around ten times the size we were at the beginning

started out in one building, we now occupy four

the Financial Ombudsman Service


The financial ombudsman service1

the Financial Ombudsman Service


The big issues

the big issues

  • 41% of organizations are not confident that their electronic information is “accurate, accessible, and trustworthy”

    AIIM Research, 2013

  • government and third sector lose £29bn a year through poor information management

    EDM group research, 2013


In the public imagination

In the public imagination


Defining information risk

defining “information risk”

  • understanding information as a key business asset

  • what value do we give it?

  • how does it compare to other business assets?


What are the risks

what are the risks?

  • two types of loss

  • failing to exploit what we have

  • not understanding its value

  • not understanding its nature


Internal and external

our website

sharing directly with other organisations

email

publishing our decisions

our case-handling system

shared drives

email

intranet

internal and external


Analogue and digital

analogue and digital

  • old wine in new bottles?

  • applying methodology to all media and formats

  • changing expectations of staff and customers

  • opportunities from digitising content


What we are doing

what we are doing

There are 3 separate strands of work:

  • information security

  • information rights

  • information management…


What we are doing information management

what we are doing: information management

  • Aims

    • Find information quickly and easily

    • Know what information we’ve got and where it is stored

    • Sharing information appropriately

    • Reduce the volumes of information we hold


What we are doing information management1

what we are doing: information management

  • Shared drive – what we had:

    • Unstructured information

    • Difficult to find information

    • Out of date

    • No ownership

    • Lots of duplication

    • Lots of personal data

    • Silos of information

    • No formal permission process


What we are doing information management2

what we are doing: information management

  • Shared drive – what we did

    • Audit

    • File plan

    • Retention schedules

    • Access control

    • Local records officers

    • Shared spaces

    • Awareness raising

    • Monitoring


What we are doing information management3

what we are doing: information management

  • Unfinished job!

  • Expansion = less control

  • Review of file plan

  • Surfacing “lost” information

  • More collaborative workspaces needed


What we want to do

what we want to do

“information risk management”

  • evaluate information

  • identify risks

  • consider likelihood

  • consider impact

  • appropriate and proportionate action


What we want to do1

what we want to do

  • information architecture

  • community of practice

  • join up with other projects and programmes

  • cultural change


The financial ombudsman service

Q&A


  • Login