Data Protection Officer |
7
home,page-template,page-template-full_width,page-template-full_width-php,page,page-id-7,ajax_fade,page_not_loaded,,qode-title-hidden,qode_grid_1300,footer_responsive_adv,qode-theme-ver-12.0.1,qode-theme-bridge,wpb-js-composer js-comp-ver-5.4.2,vc_responsive

We specialize in implementing Information Governance management protocol for organizations. With over 15 years experience in managing information governance protocol.

We describe the protocol as the holistic and end to end approach to managing information assets and achieve our objectives by creating tools, implementing processes, defining roles and responsibilities to transform your organization’s information management regime.
This protocol becomes a living and breathing entity that your organization maintains on an ongoing basis. The purpose of the Information Governance protocol is to formally establish your organization’s strategy toward compliance and Information Governance. This protocol supports, Information Security (ISO27k), GDPR and PCI DSS.

Gap analysis – Scope Definition and management statement

Roles and Responsibilities

 Information Governance Steering Committee – to meet every quarter
 Information Governance business key stakeholders – every business unit would have one
 Information Risk Management – project and change management process
 Information Asset Management – asset management
 Records Manager – asset database
 Supplier management – 3rd parties
 Employees

teamleader
a

Information governance Policies

 Information security policy
 Payment compliance policy
 Risk review policy
 Risk and change management/privacy impact assessment
 Records management policy
 Retention and disposal schedules
 Archiving policy
 Data privacy policy
 ICT policy
 Third party policies
 Information sharing policy
 Remote working policy
 Incident management policy

Information Procedures

 Legal and regulatory compliance review at project and change stages
 Creating and receiving information – customer and 3 rd party engagement
 Acceptable content types – asset type and
 Managing the volume of information – volumetric
 Managing personal information –
 Storing and archiving information
 Collaboration and sharing information
 Disposing of information
 Project funding and review gates for review and approval

storage2

3rd parties

 Creating your 3rd party service catalogue
 Define the policies for sharing information with third parties
 Create a database of 3rd parties and the information assets
 Define how the organisation can manage how third parties handle personal and confidential information
 Define how Information Governance fits within supplier relationships and contractual obligations
 Define measurement and metrics for third party meeting the organisation’s Information Governance goals

Disaster Recovery, Contingency and Business Continuity

 Reporting information losses
 Reporting information security breaches
 Incident management and escalation
 Back up and disaster recovery
 Business continuity management

Auditing, reporting and Review

 Monitoring information access and use
 Monitoring effectiveness of regulatory compliance
 Monitoring the effectiveness of information security policy and procedure
 Monitoring of ICT and storage infrastructure performance
 Risk assessment and auditing
 Information Governance review

Information Governance protocol API

APIs are needed to interface the protocol into your organisation as it currently exist. The APIs will allow us to be able to automate the protocol into a dashboard, making it easier to manage
your information governance protocol.

The aim of this protocol is to enable your organisation to better manage your information asset and to enable the assimilation of the protocol into your day to day business as usual operation.

For more information,

Email ben.oguntala@dataprotectionofficer.com

Telephone 07812039867