- What information are we collecting?
- Where and how are we collecting it?
- Who owns it?
- Who has access to it?
- What are we doing with it?
- What would be the impact to the organization if it got into the wrong hands?
- What controls are in place?
- Are efforts to safeguard the information commensurate with its worth?
- Are we gathering unnecessary information that represents potential risk without opportunity for reward?
- Are we maximizing the value of what we collect?
- Could information have more value if we loosened restrictions on it?
Source: Lock It Up or Set It Free? by Ted DeZabala | Deloitte Review, Issue 6
Subjects: IT Questions, Risk Management Questions
There Are No Comments
Click to Add the First »
Click to Add the First »