5.6 Data, information and digital knowledge management
As well as the security of our systems, we also need to think about the security of the information we have, how we protect it and how we share it.
It is important to understand that data and information is not restricted to just documents, but it is content that is used in any system, asset or communication that exists digitally or physically.
Information is normally grouped into the following classifications: unclassified, internal, confidential. You should understand your responsibilities for how you handle information and data within these areas, which are part of the Information Classification Software for ISO 27001 [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] .
| Unclassified | Internal only | Confidential |
|---|---|---|
| The information is not particularly valuable, nor is the organisation required to protect it. It can be accessed by anyone for any purpose, including release to the public or clients. It may include press releases, job vacancies, and so on. | The information has value internally and may have some value to competitors. It may be distributed freely to anyone within the organisation. It may include internal memos, employment data, contract information, and so on. | The information has significant value and there may be legal requirements for its protection. Access is limited to designated roles or tiers within the organisation. It may include intellectual property, customer payment details, long-term strategic planning, and so on. |
Source: IT Governance (n.d)
Information therefore has value: it is essential, then, that you understand digital knowledge management. Digital knowledge management is the process for identifying, capturing, organising, storing, and sharing digital information effectively so that it is easily accessible for all those who require access. The right metadata (data about the data) is also needed to enable computer-automated tools to access – or search – the assets.
In the video Nicola Askham, The Data Governance Coach, explains what is meant by data management, and the consideration for managing data.
Download this video clip.Video player: hyb_5_2022_sept111_managing_data_compressed.mp4
Transcript
NICOLA ASKHAM
Data management is an interesting topic. Because everybody likes to think it's just one thing that we do to manage our data and make it better. Managing data is vitally important for all organisations. Because when you think about it, data is the lifeblood of every organisation, whether it's understanding how many students you've got over your university to how many parts you're making if you're a manufacturer, but also understanding what you need to support whatever it is your organisation does.
And if you don't manage your data well, there's every chance that you could make decisions based on that data that could be to the detriment of your organisation. I've worked with many clients over the years that have made quite catastrophic decisions. And they didn't make them because they were bad people or stupid people. They just made it because they believed that the report they'd been given contained the correct data, and they made what they felt was the best decision in the circumstances. But with the benefit of hindsight turned out to be not the right decision.
The impact of COVID on data management has been really interesting. I'd say the first few months, a lot of organisations almost like stop thinking about their data because they went into panic mode, and how are we going to survive with everybody working at home? And then I think it became really obvious to them that they were having to make decisions that were perhaps going to impact the survival of their organisation during the pandemic.
And at that point, we were expecting a recession. So, they were having to make decisions that are really going to count for the survival of their organisation. And a lot of organisations have really upped the game on data management. So, I think it was quite interesting that this hybrid working and people working in different ways has really changed things.
And I think it's really help people understand the need to document your understanding of your data. Because, before you could be sitting next to somebody and you could turn to them and say, what's this data? Or am I allowed to use it? Or what does this mean? Does this look right? Now, everybody's isolated and working at home.
And what you may have turned to your neighbour and asked, you're not necessarily going to jump on a Teams call and ask them. So, I think it's made people understand the value of data management. And I think it's really put a focus on it, and actually, in a good way. And it's increased the level of data management that I'm seeing across many sectors.
I think that remote working hasn't really changed how you do data governance. But what I think it has done is actually made it harder to progress in your organisation. Because an awful lot of data governance is based on a culture change and a mindset change. People understanding that their data is an asset and managing it as such. And that is so much easier to influence if you're in person. Building a data culture when you're working remotely is even harder when you're on site and with people in front of you. And I always say, even before the pandemic, that what you really have to do is have a formal communications and training plan. We can't leave this to chance.
And this means that we have to make sure that everybody in our organisation is getting the message that data is an asset. Now, this isn't one message. Because the message you're going to deliver to your senior stakeholders, like your directors, they're going to be interested in, how is data governance and managing data as an asset going to help them support your organisation's objectives. But the person who's very junior in your organisation, who's likely to be entering some of the data in the first place, doesn't care about you meeting your strategic objectives.
So, we've got to explain to them how it affects them, and what it means to them, and why it's important to get it right. And that's why I think that doing the communication side is absolutely vital to successful data literacy and data governance. Data has such an impact on a customer's experience, whether they're a student and learning online or whether they're a customer that you want to buy off of you.
And this is why it is so important to get the data right. Because if you were, say, a university, and you're timetabling data is not very well captured, you might find that students are turning up for lessons that are not being taught at that point. That's not a good experience for the student. And it's the same thing in the corporate world.
You could be trying to sell more things to your customers. But to do that, you've got to have good data about them. Or even a lot of organisations are embarking on digital transformation programmes because they're trying to save money. Let's be honest. A lot of what comes behind such programmes is efficiency and cost saving.
A lot of organisations just dive into what can we digitise, what could we make quicker and easier without thinking about the data. But digital transformations are normally trying to automate processes, speed things up, make things better. And I'm biased, but I think that data underpins all of those things. So digital transformations always require data.
And they always require data to be managed well. Unfortunately, I've seen a lot of organisations dive into digital transformation, because they want the efficiencies, they want the cost savings, and they want to perhaps deliver a better experience for their customers. And they don't think about the data.
In an ideal world, you would have started doing data governance and managing your data more proactively before you even started doing a digital transformation programme. Sadly, most people don't. And I think if you don't have a really good programme in place for that already, you should be doing that as part of a digital transformation because it just won't be successful without it.
Interactive feature not available in single page view (see it in standard view).