2. WHAT IS DATA?
• TO UNDERSTAND THE RISKS OF SOMETHING, YOU MUST UNDERSTAND THE
SUBJECT IN QUESTION, AND ITS PURPOSE
• DATA IS ANY FACT THAT IS USED TO INFORM, CALCULATE, REASON, OR PLAN.
FACTS CAN BE GATHERED, STORED, OR EXPRESSED IN THE FORM OF LETTERS,
NUMBERS, OR SYMBOLS
J. White 2017
3. THE PURPOSE OF DATA
• DATA IS USED TO DIAGNOSE THE HEALTH OF THE ORGANIZATION
• DATA IS USED TO DESCRIBE THE ORGANIZATION
• DATA IS USED TO DISCOVER TRENDS AND DIRECTION OF THE ORGANIZATION
J. White 2017
4. TYPES OF DATA
• STRUCTURED: PROPOSALS, STATEMENTS, AND SPREADSHEETS
• UNSTRUCTURED: NOTEPADS, STICKY NOTES
• PHYSICAL DATA: BOOKS, PAPER, PICTURES
• DIGITAL DATA: JPG, .DOC, .TXT, SQL
J. White 2017
5. DATA QUALITY AND TRANSPARENCY
• QUALITY: ACCURACY AND COMPLETENESS
• TRANSPARENCY: EASILY UNDERSTOOD
J. White 2017
6. DATA SOURCING
• RISKS CAN BE LOWERED WHEN THE ORGANIZATION HAS LESS SOURCES OF
DATA.
• LESS SOURCES, CREATE BETTER CONTROLS
• CONTROLLING YOUR SOURCES, ALLOWS FOR THE RIGHT DATA TO BE SHARED,
WITH THE RIGHT AMOUNT, FOR THE RIGHT PURPOSE
J. White 2017
7. RISK STRATIFICATIONS FOR DATA
• STRATEGIC
• CREDIT
• MARKET
• LIQUIDITY
• OPERATIONAL
• COMPLIANCE
• REPUTATIONAL
J. White 2017
8. DATA SECURITY RISK LEVELS
• THERE ARE 3 SECURITY LEVELS OF DATA
• CONFIDENTIAL
• PROPRIETARY
• PUBLIC
J. White 2017
9. CONFIDENTIAL DATA
• DATA THAT IS INTENDED FOR LIMITED DISCLOSURE ON A NEED TO KNOW BASIS
AND WHEN UNAUTHORIZED DISCLOSURE, LOSS OR CORRUPTION OF THE DATA
ELEMENTS WOULD CAUSE SERIOUS OR A HIGH DEGREE OF DAMAGE
• EXAMPLE: GOVERNMENT REGULATIONS, LEGAL AGREEMENTS, COMPLETIVE
ADVANTAGE
• HRCI-HUMAN RESOURCE INFO
• NPCI-CORPORATE INFO
• NPTI-TECHNICAL INFO
• NPPI-PERSONAL INFOJ. White 2017
10. PROPRIETARY DATA
• DATA THAT IS SHARED ON A NEED TO KNOW BASIS. THIS DATA PRESENTS
LIMITED RISK TO THE ORGANIZATION. DATA MAY BE SHARED OUTSIDE THE
COMPANY, ONLY FOR A BUSINESS NEED
J. White 2017
11. PUBLIC DATA
• DATA THAT IS OPEN TO THE PUBLIC. THIS IS NON PRIVATE IN NATURE.
J. White 2017
12. DATA LIFE CYCLE MANAGEMENT
• HOW IS THE DATA CREATED?
• WHY IS THE DATA CREATED?
• WHAT IS THE DATA PURPOSE?
• HOW IS THE DATA PROVISIONED?
• WHAT IS THE DATA PROCESS PATH?
• WHO TOUCHES THE DATA?
• HOW IS THE DATA ALTERED?
• WHAT MEASURES ARE USED TO CONTROL THE DATA
J. White 2017
13. DATA LIFECYCLE CONTINUED
• WHAT MEASURES ARE USED TO DESCRIBE THE DATA?
• WHERE IS THE DATA STORED?
• HOW LONG IS THE DATA ACTIVE?
• WHEN DOES THE DATA TURN INACTIVE?
• HOW IS THE DATA RECORDED?
• WHAT IS THE LIFE EXPECTANCY OF THE DATA
• HOW IS THE DATA PURGED?
• HOW IS THIS PURGE VALIDATED?
• HOW MUCH COST IS ASSOCIATED TO 1GB OF DATA?
J. White 2017
14. DATA VALUE TO ORGANIZATION
• HOW MUCH COST IS ASSOCIATED TO 1GB OF DATA?
• HOW MUCH VALUE IS ATTRIBUTED TO 1GB OF DATA?
• WHAT IS THE PAST 3 YEAR TREND OF THE COST/BENEFIT RATIO?
• WHAT IS THE FUTURE 3 YEAR TREND OF THE COST/BENEFIT RATIO?
• HOW DO THE DATA RISKS CORRELATE WITH THE DATA LIFE CYCLE?
• WHAT OPPORTUNITIES HAVE NOT BE REALIZED FROM THE DATA?
• WHAT ADDITIONAL OPTIONS DO YOU HAVE FOR STORAGE AND PURGING?
J. White 2017