Saturday, December 7, 2019

Information Governance Practices and Related Trends

Question: Discuss about the Information Governance for Practices and Related Trends. Answer: Introduction This assessment will critically analyze the Information Governance practices and related trends by using two journal article sources. According to an article given by Wilkin and Chenhall (2010), the Information Governance is a cross-disciplinary approach that an organization uses to maximize the value of their information system by reducing the costs and risks through a sequence of activities and technologies. Another article byKooper, Maes, and Lindagreen (2011) states that the Information Governance comprises of the rules, legislations, regulations, information standards, metrics and policies that the organizations are required to comply while creating, sharing and using information. Critical Evaluation of Information Governance The information Governance includes an accountability framework to create a desirable behavior in the valuation, creation, usage, storage, archival and deletion of information. The first Article shows that the Information Governance is important to avoid the organizations from the fraud due to security controls and inadequate privacy, and poor quality of data. It holds controls, responsibility, accountability, authority of information system. The Information Governance is aimed at obtaining the information fairly and lawfully, holding the security and confidential of data, recording the information accurately and reliably, using the data ethically and efficiently, and finally, sharing the information appropriately and legally. Another article evaluates that the objectives of Information Governanceare associated with accountability, transparency, credibility of information system through high operational excellence and better information governance. It is aimed at producing an ongoing record of organizations information management systems and processes. The information Governance is focused on gaining consistence in the information compliance by following th e regulatory framework and legislations of the Australian Government(American Accounting Association, 2010). It protects the interests of the stakeholders by informing them through continuous information infrastructure system. The First article evaluates that the Information Governance provides an appropriate structure to the organization that links the IT processes, IT resources and information to the organizational goals and structures. It introduces the new ways of planning, acquiring, organizing, directing, controlling, delivering, supporting and monitoring IT performance.It empowers the employees by enabling them to respond to the growing environmental challenges. The second article evaluates that in some Australian organizations, the information governance fails because of the insufficient organizational commitment, lack of clear purpose, organizational change management and political instability, and inability to coordinate and design information governance. Along with this, it is not person specific or organization because the scope of information governance extends beyond the organizationalboundaries as it comprises of global laws as well as local Australian laws and regulations(Wilkin and Chenhal l, 2010). As per evaluations from the first article, it is identified that the Audit plan is referred as a process of designing an internal control system, information compliance through designed control system, and evaluation of efficiency of information control system.The Information governance audits can be classified into different categories including information audits, quality audits, operational audits, application audits, physical access units and logical access units. The information audit verifies the information produced/analyzed/processed/exchanged by the information system. The operational audits verify the effectiveness and adequacy of the information and ensure its availability for the business operations. The quality audit containsquality of data by including various dimensions of information design usage and control. The General controls audit includes the supervision and control of the management on information processing and hold it either operational or information complia nce based. The application audit analyzes the audits for the application system to be used in the information management. The physical access unit considers the physical audits to access to the corporate objectives for the organization(Khatri and Brown, 2010). The logical access audits includes access to better information management control for connecting the different organizational activities, processes and people by using the interconnectivity of computer system, intranet, extranet, and internet sources. Another article states that the audit planning process analyzes whether the task or project is implemented against the set information standards. The auditing process presents report on adequacy and applicability of operational standards. The auditing process provides an extent of compliance with corporate standards. It provides adequacy and application of system development standards and effectiveness of application systems. The Audit planning process contains the sequence of tasks to be performed, allocation of tasks to the auditors, and commencement of task. The audit planning process ensures the availability of the information through using computer sources(Kooper, Maes and Lindgreen, 2011). An efficient audit plan seeks the approval of the stakeholders, establishing the key performance objectives, identifying key performance indicators, assessing risks and threats for the optimum performance results, selecting the cross-disciplinary team, coordinating audit with other works, rev iewing all documents, develop audit measurement and conduct audit tests. The first article evaluates that the auditing plan requires developing the audit programs and prepares audit report for making improvements or modifications in the information management and controls. The performance of auditing plan also depends on the final auditing report as it should be clear, concise, informational, specific, and timely for attaining better results. The skills, experiences, and knowledge of the auditing team are also imperative for creating value to the organization.From the reviews of another article, it is identified that the auditing process is a typical organizational process which requires the computer assisted auditing tools, accounting knowledge, information management and data analysis skills, interpersonal skills, data reporting, Information security controls, system analysis skills, computer programming and auditing knowledge, information system and auditing software, and business analytical skills for the better auditing results and accountability of information systems. The Information System Quality assurance emphasizes the role of audit team and IS departmental members in assessing whether the IS audit is technically competent to provide the technical information to the organizational members and stakeholders by covering all areas of information system management and auditing. From the reviews of another article, it is evaluated that the auditing process should be subjective, learner-oriented, technical feasible, analytical, and practical that requires pre-planning for audit, data analysis and report, effective auditing tools and procedures, and follow up process for attaining better performance results. There are different types of risks associated with the organizational information system management and auditing process including technical risk, control risks, auditing risk, internal risk, and informational risks that should be managed by the IT/IS team to provide better accountability of information and effective management of business operati ons. The risks for the information sources and auditing process include security and privacy of data, excessive informational costs, fraudulent or hacking, robust management decisions, technical or server errors, disclosure of the information to others, and failure of the organizational information system to comply with the informational legislations and standards (Robinson, 2007). The risk assessment provides a framework for the effectiveness of risk management process by reducing the cost and threats involved in the information system management and auditing process. The risk management holds control on quality information by assessing the risk factors and external environmental threats. The Information Governance provides a legal framework for the management of the information sources. It is associated with meeting the informational and technological needs of an organization as well as its stakeholders in a legally and controlled environment. IS/IT control assists to create a technological infrastructure plan to provide the technological direction to support the business operations and activities. The IT project management is the application of skills, knowledge, tools, capabilities, and methods for implementing the project activities in order to meet the informational needs of different organizational stakeholders. The corporate code of conduct includes a directive control on the informational sources and ensures the accountability, honesty, integrity, security, morality, accountability, equality, and loyalty of the organizational information system (Haes, Wim and Grembergen,2009). The copyrights, patents, and trademarks are the organizational intellectual property rights that provide the security for the firms from the copyright violation, patent usage, stolen, or hackings, and insecurity of firms trademarks. The information privacy legislations provide the security of data and important information from being misused by others by ensuring the security of data. Conclusion The above evaluations from the both of articles conclude that an effective information governance structure in Australia is required for the organizations for linking the organizational information system and auditing process to comply with the local rules, legislations and regulation policies of the Australian government as well as global legalities. References American Accounting Association (2010).Value Relevance of FAS No. 157 Fair Value Hierarchy Information and the Impact of Corporate Governance Mechanisms,Journal of Information Corporate Governance, Vol. 85, Issue 4. Haes, D., Wim, S. and Grembergen,V. (2009) Moving From IT Governance to Enterprise Governance of IT,ISACA Journal, Vol. 3. Khatri, V. and Brown, V. C.(2010). Designing Data Governance,Communications of the ACM, Vol. 53, Issue 1. Kooper, M. N. R., Maes, E. E. O. and Lindgreen, R (2011). On the Governance of Information: Introducing a New Concept of Governance to Support the Management of Information,International Journal of Information Management, Vol. 31, no. 3. Robinson, N. (2007). The Many Faces of IT Governance: Crafting an IT Governance Structure, Information Systems Control Journal, Vol. 1. Wilkin, L. C. and Chenhall, H. R. (2010).A Review of IT Governance: A Taxonomy to Inform Accounting Information Systems,Journal of Information Systems, Vol. 24, No. 2, pp. 107-146.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.