Workiva advert Ideagen advert TeamMate

Data protection and information governance

Information governance is to do with the rules that should be followed when we process information. It allows organisations and individuals to ensure information is processed legally, securely, efficiently and effectively. Information governance applies to all the types of information which organisations may process, but the rules may differ according to the type of information concerned.

Information governance is the set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information at an enterprise level, supporting an organisation's immediate and future regulatory, legal, risk, environmental and operational requirements.

It should determine the balance point between two potentially divergent organisational goals: extracting value from information and reducing the potential risk of information. Information governance reduces organisational risk in the fields of compliance, operational transparency, and reducing expenditures associated with e-discovery and litigation response.

An organisation can establish a consistent and logical framework for employees to handle data through their information governance policies and procedures. These policies guide proper behaviour regarding how organisations and their employees handle electronically stored information.


Data breach incidents and response plans

An incident response plan should be incorporated into the audit universe. We look at the features that should be included in the plan.

Read about planning for data breaches


Data protection

A new EU directive on data protection is imminent. Internal auditors need to understand how it will affect their organisation.

Here's what you need to know


Data security in third party agreements

Asking a third party to provide a service or product can deliver important benefits – it also increases exposure to loss, theft and misuse of data. 

Read how to avoid these issues


Content reviewed: 17 January 2017

Technical question?

Name: Email: