Information Governance

Information Governance
Information Governance

Information governance is a discipline that helps organisations meet their obligations in demonstrating that they are managing their information correctly.

Your organisation, whether it is from the private, public or third sector, has obligations to demonstrate that it is managing its information correctly and addressing any possible risks. Your ability to demonstrate compliance depends on good governance of your information. Information governance is so much more than putting in policies, procedures, technology and controls: It requires a holistic approach that addresses information issues first and foremost.

Metataxis has considerable experience in the area of managing risk related to an organisation’s information. We can help you to govern your information effectively using:

  • Information risk management: delivering the trust required to ensure that any risk to your information assets are identified and a risk mitigation action plan implemented.
  • Information governance audits: auditing how your organisation is using information and the key risk areas that may exist.
  • Information maturity models: providing a maturity framework to assess the current effectiveness of your organisation’s information management governance, and providing a roadmap to identify what information management capabilities need to be developed to improve performance.
  • Compliance: developing internal audit frameworks (such as Data Privacy Impact Assessments) to check staff are managing your information effectively and according to your information assurance guidelines (and in compliance with legal and statutory requirements).

Metataxis consultants have an excellent understanding of the statutory landscape in the UK, EU and elsewhere.  We can advise on your legal requirements, constraints, and best practice.

We can also help with advice on specific requirements, such as:

  • Information inventories: finding out what information your organisation holds is an important step in understanding and managing it.
  • Protective marking: an important component of information security is having a protective marking scheme that your staff can easily understand and implement.
  • Vital information: identifying your organisation’s vital information and associated processes and ensuring they are protected appropriately.
  • Personally Identifiable Information (PII); what constitutes PII and how it needs to be managed.

For help with compliance and to find out how we can assist you with your information governance contact