You are here

Information Governance

Printable versionSend by emailPDF version

All data created is not of equal value, yet we share and store it as if it were. As the unit cost of storing data decreases, organizations’ approach to information governance has become overwhelmed, storing more and more data regardless of its usefulness or relevance. In fact, up to 70 percent of data stored may consist of redundant, obsolete or trivial information and have no business value. This of course results in not only an overall increase in cost, but also risk.

The rulebook is now fundamentally changing with the General Data Protection Regulation (GDPR) shining a spotlight on the unmanaged dark data silos that challenge all entities. Personal data stored outside of regulated or controlled repositories can be seen as a ticking time bomb and potentially lead to a fine of up to €20 million or 4 percent of global turnover.

At Alvarez & Marsal (A&M), we assist clients in assessing their data landscape to determine where value truly resides, and identify the personally identifiable information (PII) that regulators will be targeting. We analyse the disparate dark silos of unstructured, structured, web and social information to give clients full insight into their data repository.

The A&M approach is to assist in developing a strategy in line with business needs to enable compliance with the complex regulatory landscape while minimizing the costs and risks of excessive data storage. Whether its assessments for GDPR, data maps for the regulatory landscape or data remediation to reduce the risk and cost of dark data silos, A&M’s global team can help design and deliver customized programs in the context of your overall information governance strategy.

Perspectives and Guidance

Preparing for GDPR: Overview of the E.U.'s General Data Protection Regulation [INFOGRAPHIC]
GDPR – The New Driver for Good Information Governance

Specific components of data governance planning that A&M can assist with include:

Risk and cost reduction in the corporate data landscape:
  • Content assessment, remediation and data management
  • Data assessments
  • Legacy data clean-up
  • Highly Confidential Information (HCI)
  • Data migrations
  • Mergers & Acquisitions
  • Divestitures
  • Risk reduction
  • High value data
  • Storage moves/ decommissioning
  • Early case assessment
  • Archiving
  • Data leakage
Information Governance Implementation: General Data Protection Regulation (GDPR):
  • Detailed data state assessment
  • Gap and risk analysis
  • Governance plan
  • Operational implementation
  • Review & Reporting
  • Detailed data state assessment
  • Data mapping
  • Identify PII and sensitive data
  • Gap and risk analysis
  • Privacy Impact Assessment (PIA) & Data Protection Impact Assessment (DPIA)
  • Governance plan
  • Operational implementation
  • Review & reporting
  • GDPR oversight role