When IT Meets Politics

Nov 12 2009   12:00PM GMT

From Toxic Liability to Strategic Asset: Unlocking the Value of Information

Philip Virgo Profile: Philip Virgo

Tags:
Asset-centric
Data protection
information assurance
Information governance
Information security
SAS
Security-Centric

There has been much debate on “The Value of Information” and on responsibilities for protecting personal data. Last week the Audit Commission released a report on the need to address the problems of quality in public sector information: “Nothing but the Truth“. Today the Information Society Alliance (EURIM) released a one page summary for political audiences on the need to treat information as an asset in order to prevent it from turning into a liability.

 

This links to a six page status report and micro-site of resources, produced by a working group which has been reviewing the current state of guidance in this area.

 

The one page summary reads as follows:

 

From Toxic Liability to Strategic Asset: Unlocking the Value of Information

 

EURIM has reviewed approaches to managing and exploiting the value of information in a six page report with links to current guidance and reference material. The key points are:

 

1) Treat information as a valuable asset or it will become a toxic liability.

Compared to a ‘security-centric’ approach, an ‘asset-centric’ approach to information management is more likely to succeed in both protecting against abuse and realising value. A culture that sees information as the life-blood of the organisation, alongside finance, people and property, is more likely to adopt and deploy the disciplines necessary to ensure quality and security.

 

2) Quality of service delivery correlates with quality of information management.

Research by the Audit Commission and the private sector shows clear linkages between good information management and improved performance. Poor management leads to inferior performance, higher costs, poor reputation and even loss of life. All reports into public sector data losses and tragedies, such as Baby P, have highlighted systemic information governance deficiencies.

 

3) Treating information as an asset changes visibility, approach and achievable benefits.

The process of creating Information Asset Registers and valuing their content entails involving Chief Financial Officers in scrutiny, governance and benefits assessment. This commonly leads to more efficient management and use of information, including the removal of duplication and waste. There are, however, issues regarding the supply and availability of those with the necessary information management skills.

 

4) Parliament should require impact assessments covering the opportunities and intentions for exploiting the creation of any new information systems or the innovative use of existing ones.

Those for new systems should include clear statements as to why these would be better and less costly than extending the scope and improving the quality, security and availability of existing systems.

 

5) All public sector bodies with their own systems should have Information Asset Registers.

The National Audit Office and Audit Commission should define common standards for valuation, quality and performance measurement and audit, in co-operation with professional bodies, trade associations and prospective private sector partners.

 

6) The Knowledge Council should develop and disseminate good practice guidance.

The Council is a neutral focus for collecting and publishing good practice in information asset management. They should coordinate contributions from the National School of Government, professional bodies, trade associations, academic institutions and suppliers.

 

7) EURIM should work with its members and others to help educate the new intake of MPs on the critical importance of good information governance to policy formation and public service delivery.

 

The EURIM Press release quotes Professor Jim Norton, who chaired the group that produced the report, as saying: “Treating information as the very valuable asset it increasingly is, provides a ‘win-win’ situation. It helps establish a culture where information is valued and exploited appropriately and at the same time provides the incentives for a more responsible approach to security and quality.”

 

Dave Waltho, Head of Government Affairs, Public Sector (SAS) who, with Professor Chris Higson of London Business School produced the status report and identified the material for the micro-site, is quoted as saying “What we don’t value, we don’t take care of. All organisations acknowledge the importance of measuring, protecting and optimising the potential value of pounds or property, yet most do not apply the same disciplines to their information – a strategic asset of at least equal importance.”

 

This paper addresses the second of the six threads in the Information Society Alliance programme that was launched after the Director’s Round table on Information Governance almost exactly a year ago:

 

  • Basic Principles: organising the multi-media competition described in my blog yesterday to educate the untimate in influence-rich, time poor audiences (politicians) on the need to balance usefulness, usability, accuracy, timeliness and security in looking at the systems that are to support and help deliver their objectives  
  •  
  • Quality: as addressed in the Audit Commission report on “Nothing but the Truth“, where private sector decision-takers need to realise how much errors and distortion are costing them in wrong choices, wasted resources and lost business, and their public sector equivalents need to add the cost in suffering and even death
  • Value: the case for addressing quality and security issues – hence the paper released today
  • Secure sharing: including rationalising the jungle of protocals and standards that get in the way of sharing but often do little, or nothing, to prevent abuse – whether by insiders, those blagging their past under-trained or over-stressed staff or those hacking their way through insecure on-line services
  • Security by Design: the means of reducing or removing vulnerabilities and ensuring sysems and services are fitter for purpose. This sub-group group is reviewing what will hopefully be the penultimate version of its report tomorrow       

  • Identity Governance: where centuries old tensions between Government who wish to know who they can tax or conscript and Bankers who wish to organise transactions between those who have never met and have no wish to be taxed or conscripted have been compounded by snake-oil salesmen who want us to believe that the Internet changes everything.
  •  

     

     

     

     Comment on this Post

     
    There was an error processing your information. Please try again later.
    Thanks. We'll let you know when a new response is added.
    Send me notifications when other members comment.

    Forgot Password

    No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

    Your password has been sent to:

    Share this item with your network: