{"id":1423,"date":"2016-03-20T14:22:49","date_gmt":"2016-03-20T13:22:49","guid":{"rendered":"http:\/\/informationgovernance.ch\/en\/?p=1423"},"modified":"2023-08-15T11:15:39","modified_gmt":"2023-08-15T09:15:39","slug":"information-governance-an-information-security-discipline","status":"publish","type":"post","link":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/","title":{"rendered":"Information Governance \u2013 an Information Security discipline?"},"content":{"rendered":"<p><strong>There is no clear hierarchy between Information Security and Information Governance.\u00a0<\/strong> Here are the five main reasons, why Information Governance needs to lead the practice of the modern digital enterprise:<\/p>\n<ol>\n<li>Security is important, however with Information Security, nobody will ever gain competitive advantage. <strong>Security<\/strong> plays an important role in the <strong>defensive part of the strategic quadrants<\/strong> (<a href=\"https:\/\/krm.swiss\/en\/publications\/new-guide-to-information-governance-2nd-edition-2021\/\" target=\"_blank\" rel=\"noopener\">1<\/a>), it will never be able to generate a bottom line result for the organization. In our understanding, Information Governance covers several disciplines such as information management, information risk management (information security) and IT governance.<\/li>\n<li>All risk management methods are based on the assumption that <strong>organizations protect all (vital) data within their\u00a0ownership. <\/strong>In reality, 90% of all organizations have no idea what they actually own (we talk about information = data). So number one priority must be to identify information based on conformance and performance criteria. Therefore Information Governance is a key discipline to deliver input to risk management.<\/li>\n<li>Security professionals are focused on security issues. <strong>They neglect the importance of information in the business context.<\/strong> Example: The traditional classification schemes are still based on the CIA approach (Confidentiality, Integrity, Availability) of data. But the true value of information has an additional set of intrinsic and extrinsic factors, the most important being: Value of information, trustworthiness, obligational (legal)\u00a0 value and timeliness. A modern classification scheme must include these criteria.<\/li>\n<li>Security is still <strong>too much focused on prevention and correction<\/strong>. Although detection has become more important, mainly because of the advanced persistence threats, ransomware and other more recent risk scenarios, classic technology driven IT security methods still dominate the industry (Firewalls, disaster recovery, authentication, encryption). The value of information becomes an important factor and will be one of the key disciplines to address important risk. Security must follow a risk based approach and to that successfully, the only way is by identifying important data and protect it accordingly.<\/li>\n<li>As defined in 1., information security is a typical part of risk management. Thus information security might be part of the strategic layer of management. In most cases, however, it will be part of the operational layer. <strong>Information governance is an umbrella discipline,<\/strong> which should be positioned on board (normative) level, if the organization&#8217;s core business is the management of information. If we take the example of the \u201cChief Digitization Officer\u201d, his\/her role would include all aspects of Information Governance, including information security as a sub-discipline combined with data privacy.<\/li>\n<\/ol>\n<p>(1) see\u00a0<a href=\"https:\/\/krm.swiss\/en\/publications\/new-guide-to-information-governance-2nd-edition-2021\/\" target=\"_blank\" rel=\"noopener\">http:\/\/informationgovernance.ch\/en\/offers\/practitioners-guide-information-governance\/<\/a>\u00a0(page 38ff german version)<\/p>\n<p><a href=\"\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM.png\" rel=\"attachment wp-att-936\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-936\" src=\"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-800x532.png\" alt=\"Conformance Performance Strateg Positioning E_(C)KRM\" width=\"800\" height=\"532\" srcset=\"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-800x532.png 800w, https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-768x511.png 768w, https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-1600x1064.png 1600w, https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-220x146.png 220w, https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-50x33.png 50w, https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-576x383.png 576w, https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/02\/Conformance-Performance-Strateg-Positioning-E_CKRM-113x75.png 113w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>There is no clear hierarchy between Information Security and Information Governance.\u00a0 Here are the five main reasons, why Information Governance needs to lead the practice of the modern digital enterprise: Security is important, however with Information Security, nobody will ever gain competitive advantage. Security plays an important role in the defensive part of the strategic [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1428,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[20],"tags":[],"dipi_cpt_category":[],"class_list":["post-1423","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-datenstrategie"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Information Governance \u2013 an Information Security discipline? - krm Information Governance<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Information Governance \u2013 an Information Security discipline? - krm Information Governance\" \/>\n<meta property=\"og:description\" content=\"There is no clear hierarchy between Information Security and Information Governance.\u00a0 Here are the five main reasons, why Information Governance needs to lead the practice of the modern digital enterprise: Security is important, however with Information Security, nobody will ever gain competitive advantage. Security plays an important role in the defensive part of the strategic [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/\" \/>\n<meta property=\"og:site_name\" content=\"krm Information Governance\" \/>\n<meta property=\"article:published_time\" content=\"2016-03-20T13:22:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-15T09:15:39+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/03\/iStock_000003163659Small.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"849\" \/>\n\t<meta property=\"og:image:height\" content=\"565\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Bruno Wildhaber\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bruno Wildhaber\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/\"},\"author\":{\"name\":\"Bruno Wildhaber\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#\\\/schema\\\/person\\\/6af1b03b3936809e3ff9bd196f609cce\"},\"headline\":\"Information Governance \u2013 an Information Security discipline?\",\"datePublished\":\"2016-03-20T13:22:49+00:00\",\"dateModified\":\"2023-08-15T09:15:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/\"},\"wordCount\":419,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2016\\\/03\\\/iStock_000003163659Small.jpg\",\"articleSection\":[\"Datenstrategie &amp; Information Governance\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/\",\"url\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/\",\"name\":\"Information Governance \u2013 an Information Security discipline? - krm Information Governance\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2016\\\/03\\\/iStock_000003163659Small.jpg\",\"datePublished\":\"2016-03-20T13:22:49+00:00\",\"dateModified\":\"2023-08-15T09:15:39+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#\\\/schema\\\/person\\\/6af1b03b3936809e3ff9bd196f609cce\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#primaryimage\",\"url\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2016\\\/03\\\/iStock_000003163659Small.jpg\",\"contentUrl\":\"https:\\\/\\\/krm.swiss\\\/wp\\\/wp-content\\\/uploads\\\/2016\\\/03\\\/iStock_000003163659Small.jpg\",\"width\":849,\"height\":565},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/information-governance-an-information-security-discipline\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/krm.swiss\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Information Governance \u2013 an Information Security discipline?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/krm.swiss\\\/en\\\/\",\"name\":\"krm Information Governance\",\"description\":\"Wir verbessern Ihre Kompetenz im Datenmanagement\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/krm.swiss\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/krm.swiss\\\/en\\\/#\\\/schema\\\/person\\\/6af1b03b3936809e3ff9bd196f609cce\",\"name\":\"Bruno Wildhaber\",\"url\":\"https:\\\/\\\/krm.swiss\\\/en\\\/author\\\/brwildhaber\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Information Governance \u2013 an Information Security discipline? - krm Information Governance","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/","og_locale":"en_US","og_type":"article","og_title":"Information Governance \u2013 an Information Security discipline? - krm Information Governance","og_description":"There is no clear hierarchy between Information Security and Information Governance.\u00a0 Here are the five main reasons, why Information Governance needs to lead the practice of the modern digital enterprise: Security is important, however with Information Security, nobody will ever gain competitive advantage. Security plays an important role in the defensive part of the strategic [&hellip;]","og_url":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/","og_site_name":"krm Information Governance","article_published_time":"2016-03-20T13:22:49+00:00","article_modified_time":"2023-08-15T09:15:39+00:00","og_image":[{"width":849,"height":565,"url":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/03\/iStock_000003163659Small.jpg","type":"image\/jpeg"}],"author":"Bruno Wildhaber","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Bruno Wildhaber","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#article","isPartOf":{"@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/"},"author":{"name":"Bruno Wildhaber","@id":"https:\/\/krm.swiss\/en\/#\/schema\/person\/6af1b03b3936809e3ff9bd196f609cce"},"headline":"Information Governance \u2013 an Information Security discipline?","datePublished":"2016-03-20T13:22:49+00:00","dateModified":"2023-08-15T09:15:39+00:00","mainEntityOfPage":{"@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/"},"wordCount":419,"commentCount":0,"image":{"@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#primaryimage"},"thumbnailUrl":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/03\/iStock_000003163659Small.jpg","articleSection":["Datenstrategie &amp; Information Governance"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/","url":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/","name":"Information Governance \u2013 an Information Security discipline? - krm Information Governance","isPartOf":{"@id":"https:\/\/krm.swiss\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#primaryimage"},"image":{"@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#primaryimage"},"thumbnailUrl":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/03\/iStock_000003163659Small.jpg","datePublished":"2016-03-20T13:22:49+00:00","dateModified":"2023-08-15T09:15:39+00:00","author":{"@id":"https:\/\/krm.swiss\/en\/#\/schema\/person\/6af1b03b3936809e3ff9bd196f609cce"},"breadcrumb":{"@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#primaryimage","url":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/03\/iStock_000003163659Small.jpg","contentUrl":"https:\/\/krm.swiss\/wp\/wp-content\/uploads\/2016\/03\/iStock_000003163659Small.jpg","width":849,"height":565},{"@type":"BreadcrumbList","@id":"https:\/\/krm.swiss\/en\/information-governance-an-information-security-discipline\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/krm.swiss\/en\/"},{"@type":"ListItem","position":2,"name":"Information Governance \u2013 an Information Security discipline?"}]},{"@type":"WebSite","@id":"https:\/\/krm.swiss\/en\/#website","url":"https:\/\/krm.swiss\/en\/","name":"krm Information Governance","description":"Wir verbessern Ihre Kompetenz im Datenmanagement","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/krm.swiss\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/krm.swiss\/en\/#\/schema\/person\/6af1b03b3936809e3ff9bd196f609cce","name":"Bruno Wildhaber","url":"https:\/\/krm.swiss\/en\/author\/brwildhaber\/"}]}},"_links":{"self":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/posts\/1423","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/comments?post=1423"}],"version-history":[{"count":10,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/posts\/1423\/revisions"}],"predecessor-version":[{"id":74870,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/posts\/1423\/revisions\/74870"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/media\/1428"}],"wp:attachment":[{"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/media?parent=1423"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/categories?post=1423"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/tags?post=1423"},{"taxonomy":"dipi_cpt_category","embeddable":true,"href":"https:\/\/krm.swiss\/en\/wp-json\/wp\/v2\/dipi_cpt_category?post=1423"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}