what is information risk and what should we be doing about it christina somovilla aynsley taylor
Download
Skip this Video
Download Presentation
the Financial Ombudsman Service

Loading in 2 Seconds...

play fullscreen
1 / 17

the Financial Ombudsman Service - PowerPoint PPT Presentation


  • 193 Views
  • Uploaded on

what is “information risk” and what should we be doing about it? Christina Somovilla & Aynsley Taylor. established by the Financial Services and Markets Act 2000 funded by the financial services industry complaints about regulated financial services and products

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'the Financial Ombudsman Service' - keran


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
what is information risk and what should we be doing about it christina somovilla aynsley taylor

what is “information risk” and what should we be doing about it?Christina Somovilla & Aynsley Taylor

the financial ombudsman service
established by the Financial Services and Markets Act 2000

funded by the financial services industry

complaints about regulated financial services and products

can be brought by individuals and some small businesses

we are now around ten times the size we were at the beginning

started out in one building, we now occupy four

the Financial Ombudsman Service
the big issues
the big issues
  • 41% of organizations are not confident that their electronic information is “accurate, accessible, and trustworthy”

AIIM Research, 2013

  • government and third sector lose £29bn a year through poor information management

EDM group research, 2013

defining information risk
defining “information risk”
  • understanding information as a key business asset
  • what value do we give it?
  • how does it compare to other business assets?
what are the risks
what are the risks?
  • two types of loss
  • failing to exploit what we have
  • not understanding its value
  • not understanding its nature
internal and external
our website

sharing directly with other organisations

email

publishing our decisions

our case-handling system

shared drives

email

intranet

internal and external
analogue and digital
analogue and digital
  • old wine in new bottles?
  • applying methodology to all media and formats
  • changing expectations of staff and customers
  • opportunities from digitising content
what we are doing
what we are doing

There are 3 separate strands of work:

  • information security
  • information rights
  • information management…
what we are doing information management
what we are doing: information management
  • Aims
    • Find information quickly and easily
    • Know what information we’ve got and where it is stored
    • Sharing information appropriately
    • Reduce the volumes of information we hold
what we are doing information management1
what we are doing: information management
  • Shared drive – what we had:
    • Unstructured information
    • Difficult to find information
    • Out of date
    • No ownership
    • Lots of duplication
    • Lots of personal data
    • Silos of information
    • No formal permission process
what we are doing information management2
what we are doing: information management
  • Shared drive – what we did
    • Audit
    • File plan
    • Retention schedules
    • Access control
    • Local records officers
    • Shared spaces
    • Awareness raising
    • Monitoring
what we are doing information management3
what we are doing: information management
  • Unfinished job!
  • Expansion = less control
  • Review of file plan
  • Surfacing “lost” information
  • More collaborative workspaces needed
what we want to do
what we want to do

“information risk management”

  • evaluate information
  • identify risks
  • consider likelihood
  • consider impact
  • appropriate and proportionate action
what we want to do1
what we want to do
  • information architecture
  • community of practice
  • join up with other projects and programmes
  • cultural change
ad