AST Digital Magazine June 2017 Digital-June | Page 53

Volume 13
This means scouring both structured and un-
structured data for potentially sensitive informa-
tion, and assigning repositories for individual in-
formation assets.
After all, if agencies do not know where HVAs
are being kept, how can they adequately protect
them, let alone optimize their compliance, risk
management and redundancy reduction pro-
cesses?
Information maps can help agencies to address
this concern. An information map is a database
that captures an inventory of what systems, ap-
plications and repositories agencies have, where
they are, and who is responsible for managing
them.
June 2017 Edition
As agencies continue to collect more and more
information, the risk of improperly managed
HVAs will only continue to increase.
Every agency needs to take OMB’s advice to
govern their information in an enterprise fashion,
rather than in an ad-hoc fashion.
By continuously updating their information stores
in the context of a larger information framework,
agencies will be addressing several layers of risk,
ranging from improper internal use all the way up
to targeted external cybersecurity threats.
With this tool, agencies will be able to keep tabs
on their information systems and records, identify
sensitive information like PII, PHI or CUI, monitor
the use of assets, gain analytical insight and con-
sistently update information stores.
At the end of this process, agencies should have
a firm idea of their ideal asset management sce-
nario.
Finally, agencies will be ready to put their policy
into action and manage asset-specific concerns
in a timely and continuous manner.
After addressing these steps, agencies will have
laid the necessary groundwork for responsible
governance of HVAs.
They will continue to face challenges associ-
ated with keeping their framework and reten-
tion schedules continuously up-to-date. This will
provide agencies with the quantifiable statistics
needed for compliance trails.
After accomplishing all of this, agencies will have
completed a large majority of the behind-the-
scenes work needed to secure the HVAs under
their control.
From there, they will have the foundation that
they need to further secure their information as-
sets, whether that be additional cybersecurity,
physical controls, or anything in between.
(Keeping up-to-date with compliance with privacy and secu-
rity laws is important for your organization. Find out about
records and information managers’ role in this process.Cour-
tesy of Iron Mountain and YouTube)
About the Author
Tyler Morris is a strategy and product executive
with experience supporting private and public sec-
tor organizations to solve critical business issues,
grow market share, and perform large-scale trans-
formation.
Morris’ expertise includes leading business plan-
ning efforts for complex products, programs and
initiatives including growth strategies, market en-
try, industry evaluation, and IT transformation,
with a demonstrated record of performance work-
ing closely with corporate leadership and project
teams to develop and implement strategic change.
Morris specializes in strategic planning, prod-
uct management, government, market research,
growth strategy, process re-engineering, manage-
ment consulting, organizational design, business
development, customer relationship management,
and coaching.
53