Building an Information Governance Program
125 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is a key benefit of Information Governance?

  • Maximizing the value of information while minimizing associated risks and costs (correct)
  • Minimizing the value of information
  • Ignoring the importance of information in achieving organizational goals
  • Maximizing the risks associated with information
  • What is the primary focus of Information Governance?

  • Focusing on data governance alone
  • Managing and governing all information across the organization (correct)
  • Only archiving and retrieving information
  • Managing only digital information
  • Why are records professionals well-positioned to contribute to Information Governance initiatives?

  • They only manage physical records
  • They have a deep understanding of the flow of information across the enterprise (correct)
  • They are not involved in information management
  • They have no understanding of information flow across the enterprise
  • What is the outcome of embracing Information Governance in an organization?

    <p>Improved decision-making and reduced risks</p> Signup and view all the answers

    What is a key characteristic of Information Governance?

    <p>It is an integrated, strategic approach to managing information</p> Signup and view all the answers

    What is the role of representatives from various departments in developing an Information Governance strategy?

    <p>Representatives from legal, HR, IT, and business units participate in developing the strategy</p> Signup and view all the answers

    What is the primary goal of Information Governance in relation to business operations?

    <p>To ensure business continuity and provide access to necessary information</p> Signup and view all the answers

    What is the definition of Information Governance according to Gartner?

    <p>The specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving, and deletion of information</p> Signup and view all the answers

    What is a crucial aspect of an organization's legal and regulatory environment when designing an IG framework?

    <p>Compliance with governing laws and regulations</p> Signup and view all the answers

    What are the three core elements of an IG governance framework?

    <p>Policies, processes, and compliance</p> Signup and view all the answers

    What is the primary goal of an Information Governance program?

    <p>To minimize information risks and costs, while maximizing its value</p> Signup and view all the answers

    What is necessary to understand for legal and compliance purposes in an IG program?

    <p>The difference between records and information</p> Signup and view all the answers

    What should an IG framework address?

    <p>All information, whether meeting the definition of a record or not</p> Signup and view all the answers

    What is a record, as defined in the context of IG?

    <p>Information created, received, and maintained as evidence and as an asset</p> Signup and view all the answers

    What should a comprehensive RIM policy address?

    <p>Roles and responsibilities, communications and training, and metrics and monitoring</p> Signup and view all the answers

    Why is it necessary to have a media-neutral records retention schedule?

    <p>To comply with applicable laws, regulations, and standards</p> Signup and view all the answers

    What should be included in a policy team for an IG framework?

    <p>Representatives from the appropriate functional areas, including records management, information technology, business units, and others</p> Signup and view all the answers

    What should be harmonized in an IG framework?

    <p>Policies governing communications, security, privacy, and compliance</p> Signup and view all the answers

    What is the primary obligation of records management?

    <p>Accountability</p> Signup and view all the answers

    Which of the following is NOT an objective of RIM programs?

    <p>Disposing of records without business needs</p> Signup and view all the answers

    What is the term used to describe the field of management responsible for the efficient and systematic control of records?

    <p>Records Management (RM)</p> Signup and view all the answers

    Which of the following risks is associated with not having a comprehensive records management program in place?

    <p>All of the above</p> Signup and view all the answers

    What is an essential characteristic of information?

    <p>Its value</p> Signup and view all the answers

    Why is it important to consider the value of information contained in records at each stage of the RIM lifecycle?

    <p>Because its value may increase or decrease over time</p> Signup and view all the answers

    What is the term used to describe the services provided by the RM profession?

    <p>Records and Information Management (RIM)</p> Signup and view all the answers

    What is the purpose of RIM programs in mitigating risks?

    <p>To reduce risks to the organization</p> Signup and view all the answers

    What is the primary focus of some records management guidelines?

    <p>Technology that can automate records management functions</p> Signup and view all the answers

    What is the benefit of having a RIM program in place?

    <p>A well-managed and secure records management system</p> Signup and view all the answers

    What is the primary difference between a document and a record in an electronic environment?

    <p>A document is a work in progress, while a record is evidence of an action.</p> Signup and view all the answers

    What is the main purpose of an Information Management System (IMS)?

    <p>To collect, store, organize, and distribute information.</p> Signup and view all the answers

    What is the key characteristic of unstructured data?

    <p>It is difficult to classify and maintain.</p> Signup and view all the answers

    What is the function of indexing, search, and disposal capabilities in document management systems?

    <p>To store and retrieve records within an electronic library.</p> Signup and view all the answers

    What is the primary focus of the records and information lifecycle model?

    <p>Managing documents from creation to destruction or archiving.</p> Signup and view all the answers

    What is the purpose of Information Lifecycle Management (ILM)?

    <p>To manage the flow of an information system's data and associated metadata.</p> Signup and view all the answers

    What is a key difference between the records and information lifecycle model and the information lifecycle model?

    <p>The information lifecycle model does not mention creation.</p> Signup and view all the answers

    What is the purpose of OCR (Optical Character Recognition) in document management systems?

    <p>To convert scanned images into editable text.</p> Signup and view all the answers

    What is the primary characteristic of structured data?

    <p>It is organized in a way that makes it easily searchable.</p> Signup and view all the answers

    What is the purpose of eSignatures in document management systems?

    <p>To enable secure and legally binding electronic signatures.</p> Signup and view all the answers

    What is the primary focus of the records continuum model?

    <p>The integration of recordkeeping into business and societal processes</p> Signup and view all the answers

    Which of the following is a principle of the records continuum concept?

    <p>The concept of record is inclusive of records of continuing value</p> Signup and view all the answers

    What is the main difference between the records lifecycle model and the records continuum model?

    <p>The records lifecycle model emphasizes time-bound stages, while the records continuum model combines recordkeeping and archiving processes</p> Signup and view all the answers

    What is Enterprise Content Management (ECM) according to AIIM?

    <p>A business goal or strategy for managing content</p> Signup and view all the answers

    What replaced Enterprise Content Management (ECM) according to Gartner Analyst Michael Woodbridge?

    <p>Content Services and Intelligent Information Management</p> Signup and view all the answers

    What is the primary focus of Content Services?

    <p>Utilizing information regardless of where it resides</p> Signup and view all the answers

    What is a key characteristic of the records continuum model?

    <p>It combines the recordkeeping and archiving processes into integrated time-space dimensions</p> Signup and view all the answers

    What is the role of the recordkeeping profession in the records continuum model?

    <p>To integrate recordkeeping into business and societal processes</p> Signup and view all the answers

    What is the main goal of the records continuum model?

    <p>To fulfill both managerial and cultural responsibilities</p> Signup and view all the answers

    Which of the following is an essential functional component of Enterprise Content Management (ECM)?

    <p>Document management</p> Signup and view all the answers

    What is the main difference between data-centric technologies and traditional technologies?

    <p>Data-centric technologies treat data as the permanent source of value</p> Signup and view all the answers

    What is a key aspect of Intelligent Document Processing (IDP)?

    <p>Extracting data from structured and unstructured content</p> Signup and view all the answers

    According to AIIM, what is the primary goal of Intelligent Information Management (IIM)?

    <p>To integrate people, processes, information, and technology to achieve digital transformation</p> Signup and view all the answers

    What is the purpose of a records inventory in a records management program?

    <p>To identify and analyze records and information</p> Signup and view all the answers

    What is a key responsibility of the records management team at the World Bank Group?

    <p>Maintaining the WBG Management of Records Policy</p> Signup and view all the answers

    What is a common characteristic of vendors that reengineered their on-premises products for the cloud?

    <p>They are traditional ECM vendors</p> Signup and view all the answers

    What is the main focus of Content Services?

    <p>Managing structured and unstructured content</p> Signup and view all the answers

    What is a key benefit of using Intelligent Document Processing (IDP)?

    <p>Reducing manual data entry</p> Signup and view all the answers

    What is a key element of a comprehensive records management program?

    <p>Policy and procedure development</p> Signup and view all the answers

    What is the main challenge of implementing Intelligent Information Management (IIM)?

    <p>Developing a comprehensive information management strategy</p> Signup and view all the answers

    Which standard provides model, high-level functional requirements and guidance for software applications intended to manage digital records?

    <p>ISO 16175-1:2020</p> Signup and view all the answers

    What is the primary purpose of the ISO 18128:2024 standard?

    <p>To assist organizations in assessing records risks</p> Signup and view all the answers

    Which standard provides principles and guidelines for risk management?

    <p>ISO 31000:2018</p> Signup and view all the answers

    What is the purpose of the ISO/TR 23081-3: 2011 standard?

    <p>To provide guidance on conducting a self-assessment on records metadata</p> Signup and view all the answers

    Which family of standards deals with information security management systems?

    <p>ISO/IEC 27000</p> Signup and view all the answers

    What is the purpose of the ISO 30300:2020 standard?

    <p>To provide terms and definitions relevant to the core concepts of the records management domain</p> Signup and view all the answers

    Which standard addresses the development and implementation of a records policy and objectives?

    <p>ISO 30301:2019/Adm 1:2024</p> Signup and view all the answers

    Which standard provides a practical application of the concept of appraisal introduced in ISO 15489-1:2016?

    <p>ISO/TR 21946:2018</p> Signup and view all the answers

    Which standard establishes a framework for defining metadata elements consistent with the principles and implementation considerations?

    <p>ISO 23081-2:2021</p> Signup and view all the answers

    What is the primary purpose of developing Records Retention and Disposition Schedules?

    <p>To document business needs for information and archival value decisions.</p> Signup and view all the answers

    What is the primary focus of the ISO 16175-2:2020 standard?

    <p>To provide guidance for decision making and processes associated with the selection, design, implementation and maintenance of software for managing records</p> Signup and view all the answers

    What is the term used to describe standards that are developed informally, used often and widely, and accepted as standard practice?

    <p>De facto standards</p> Signup and view all the answers

    Which standard provides implementation guidance for the creation, capture, and management of records?

    <p>ISO 15489-1:2016</p> Signup and view all the answers

    What is the primary focus of records management programs?

    <p>To safeguard physical and electronic records</p> Signup and view all the answers

    What is the benefit of considering prevailing trends in case law when evaluating risk?

    <p>It provides insight into governing laws, regulations, and standards</p> Signup and view all the answers

    What is the purpose of technical reports in standards development?

    <p>To provide implementation guidance</p> Signup and view all the answers

    What is the primary goal of regulatory compliance in records management?

    <p>To safeguard physical and electronic records</p> Signup and view all the answers

    What is the purpose of the WBG Records Center and Archives?

    <p>To preserve analog and digital records of enduring value</p> Signup and view all the answers

    What is the role of standards in records management?

    <p>To create a professional environment of best-practice procedures</p> Signup and view all the answers

    What is the purpose of ARMA’s Generally Accepted Recordkeeping Principles?

    <p>To provide codification of practice for records management</p> Signup and view all the answers

    What is the estimated percentage change in data creation and replication worldwide from 2010 to 2027?

    <p>14450%</p> Signup and view all the answers

    What is the primary purpose of a national standards development body in relation to formal standards?

    <p>To develop and maintain formal standards</p> Signup and view all the answers

    What is the term used to describe a rule or order issued by an executive authority or regulatory agency of a government?

    <p>Regulation</p> Signup and view all the answers

    What is the name of the act that established the National Archives to centralize federal recordkeeping in the United States?

    <p>National Archives Act of 1934</p> Signup and view all the answers

    What is the primary purpose of the Freedom of Information Act (FOIA) of 1966?

    <p>To ensure public access to U.S. government records</p> Signup and view all the answers

    What is the estimated percentage of global data that will be unstructured by 2025, according to IDC?

    <p>80%</p> Signup and view all the answers

    What is the primary goal of managing records in a prudent and defensible manner?

    <p>To minimize risk and establish proof of compliance</p> Signup and view all the answers

    What is the name of the act that amended the Federal Records Act of 1950 to clearly include electronic records and grant the Archivist final determination as to what constitutes a federal record?

    <p>Presidential and Federal Records Act Amendments of 2014</p> Signup and view all the answers

    What is the primary purpose of laws and regulations in relation to records management?

    <p>To provide guidance on the retention and disposition of records</p> Signup and view all the answers

    What is the primary function of the Office of the Federal Register?

    <p>To provide access to the official text of federal laws and presidential documents</p> Signup and view all the answers

    What is the basis of records management in the federal government?

    <p>The Federal Records Act of 1950</p> Signup and view all the answers

    What is the purpose of Title 36 of the United States Code?

    <p>To provide policies for federal agencies' records management programs</p> Signup and view all the answers

    What is a system of records, as defined by the Privacy Act of 1974?

    <p>A group of records under the control of any agency from which information is retrieved by the name of the individual</p> Signup and view all the answers

    What is the purpose of 36 CFR 1220, subchapter B?

    <p>To specify policies for federal agencies' records management programs</p> Signup and view all the answers

    What is the purpose of the Code of Federal Regulations (CFR)?

    <p>To codify the general and permanent rules published in the Federal Register</p> Signup and view all the answers

    What is the purpose of the Federal Records Act of 1950?

    <p>To ensure that federal agencies make and preserve records containing adequate and proper documentation</p> Signup and view all the answers

    What is the purpose of Title 44 of the United States Code?

    <p>To address records management in the federal government</p> Signup and view all the answers

    What is the purpose of the National Archives and Records Administration (NARA)?

    <p>To provide policies for federal agencies' records management programs</p> Signup and view all the answers

    What is the purpose of 44 USC Chapters 21, 22, 29, 31, and 33?

    <p>To provide policies for federal agencies' records management programs relating to RIM</p> Signup and view all the answers

    Which of the following technologies has been adopted by professionals in various industries to speed up business transactions without increasing risk?

    <p>Electronic Signatures</p> Signup and view all the answers

    What is the primary focus of Rule 26 and other amendments of the Federal Rules of Civil Procedure?

    <p>The production of evidence in federal court cases</p> Signup and view all the answers

    According to Rule 37e, what is the consequence of failing to preserve Electronically Stored Information?

    <p>All of the above</p> Signup and view all the answers

    What is the concept introduced by Rule 26(b)(1) of the Federal Rules of Civil Procedure?

    <p>Proportionality</p> Signup and view all the answers

    What is the requirement for credit unions to maintain electronic records according to the E-Sign Act?

    <p>All of the above</p> Signup and view all the answers

    What is the primary focus of the Sarbanes-Oxley Act of 2002?

    <p>Protecting shareholders and the public from accounting errors and fraudulent practices</p> Signup and view all the answers

    What is the purpose of the National Credit Union Administration's checklist of questions?

    <p>To ensure compliance with the E-Sign Act</p> Signup and view all the answers

    Which of the following is a requirement for businesses under the Electronic Signatures in Global and National Commerce Act (E-SIGN)?

    <p>Obtaining consumers' electronic consent to receive information electronically</p> Signup and view all the answers

    What is the primary goal of the Financial Industry Regulatory Authority (FINRA) in relation to recordkeeping?

    <p>To ensure fair and honest operations in the broker-dealer industry</p> Signup and view all the answers

    What is the consequence of not taking reasonable steps to preserve Electronically Stored Information?

    <p>Adverse inference instruction</p> Signup and view all the answers

    What is the purpose of HIPAA regulations in the healthcare industry?

    <p>To protect individually identifiable health information</p> Signup and view all the answers

    What is the focus of the amendments to the Federal Rules of Civil Procedure?

    <p>E-discovery procedures</p> Signup and view all the answers

    What is the consequence of noncompliance with the Sarbanes-Oxley Act of 2002?

    <p>Fines, imprisonment, or both</p> Signup and view all the answers

    What is the main purpose of the Electronic Freedom of Information Act Amendments of 1996?

    <p>To require agencies to release records in electronic form on request</p> Signup and view all the answers

    What is the role of the Administrator of General Services in records management?

    <p>To establish records management guidelines for federal agencies</p> Signup and view all the answers

    What is the purpose of Rule 30 of the U.S. SEC Regulation S-P?

    <p>To require written policies and procedures to safeguard customer records and information</p> Signup and view all the answers

    What is the primary goal of the Privacy Act of 1974?

    <p>To establish safeguards for the protection of records that the federal government collects and maintains on U.S. citizens</p> Signup and view all the answers

    What is the primary focus of Chapter 33 of the Code of Federal Regulations?

    <p>Disposal of records, including definitions and guidelines</p> Signup and view all the answers

    What is the main difference between the Presidential Records Act of 1978 and the Presidential and Federal Records Act Amendments of 2014?

    <p>The Presidential Records Act of 1978 governs the official records of Presidents and Vice Presidents, while the Presidential and Federal Records Act Amendments of 2014 modernized the PRA of 1978</p> Signup and view all the answers

    What is the primary focus of the Paperwork Reduction Act of 1995?

    <p>To require agencies to obtain the approval of Office of Management and Budget (OMB) before requesting most types of information from the public</p> Signup and view all the answers

    What is the purpose of Regulatory Notice 22-29 published by FINRA?

    <p>To alert firms to increased ransomware risks and provide strategies to defend against threats</p> Signup and view all the answers

    What is the primary focus of Chapter 31 of the Code of Federal Regulations?

    <p>Records management by federal agencies</p> Signup and view all the answers

    What is the main purpose of the U.S. Electronic Signatures in Global and National Commerce (ESIGN) Act of 2000?

    <p>To grant electronic signatures the same legal status as handwritten signatures throughout the United States</p> Signup and view all the answers

    What is the primary goal of the FOIA Improvement Act of 2016?

    <p>To establish a minimum of ninety days for requesters to appeal an adverse determination</p> Signup and view all the answers

    What is the main difference between a digital signature and an electronic signature?

    <p>A digital signature uses a digital certificate from a trust service provider (TSP), while an electronic signature uses any electronic process to indicate acceptance of an agreement or record</p> Signup and view all the answers

    What is the primary responsibility of the Archivist of the United States?

    <p>To control, preserve, and provide access to presidential records of past presidents</p> Signup and view all the answers

    What is the main purpose of the E-Government Act of 2002?

    <p>To promote the use of the internet and other information technologies to improve government services</p> Signup and view all the answers

    What is the primary focus of the Presidential Records Act of 1978?

    <p>To govern the official records of Presidents and Vice Presidents created or received by all Presidents who come into office after January 20, 1981</p> Signup and view all the answers

    Study Notes

    Information Governance (IG)

    • IG is an integrated, strategic approach to managing, processing, controlling, archiving, and retrieving information as evidence of all transactions of an organization. • IG provides a framework for the "conservative side of information management." • It includes processes, roles, and policies, standards, and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.

    Records Management (RM) and Information Management (IM)

    • RM is the field of management responsible for the efficient and systematic control of the creation, receipt, maintenance, use, and disposition of records. • IM is a holistic approach that manages both records and information. • The term Records and Information Management (RIM) is often used to describe the services provided by the RM profession.

    Records and Information Management Objectives

    • Develop and/or identify standards or procedures for the effective, efficient, and secure management of records and information. • Provide effective control, appropriate security, and management over the creation, maintenance, use, and disposition of all records within the organization. • Ensure that records accurately reflect the business practices, policies, and transactions of the organization. • Simplify the activities, systems, and processes of records creation, maintenance, and use. • Preserve and dispose of records in accordance with business needs, statutes, and regulations. • Protect essential records; facilitate business continuity in the event of a disaster. • Protect records of historical importance; provide evidence of business, personal, and cultural activity. • Maintain corporate, personal, and collective memory.

    Risks Associated with RIM

    • Damage to the organization's reputation • High costs for information management and storage • Lost files and risk of spoliation • Legal discovery penalties or sanctions • Audit and compliance violations • Cybersecurity risks

    Records and Information Management Lifecycle

    • Capture/Creation • Organization and Storage • Use and Maintenance • Disposition • Destruction or Archiving

    Information Management Lifecycle Model

    • Capture • Organization and Storage • Retrieval and Use • Maintenance • Disposition • Destruction or Archiving

    Records Continuum

    • An alternative to the records lifecycle model • Emphasizes the overlapping characteristics of recordkeeping—evidence, transaction, and identity of the creator • Deemphasizes the time-bound stages of the lifecycle model • Combines recordkeeping and archiving processes into integrated time-space dimensions

    Enterprise Content Management (ECM)

    • Defined by AIIM in 2000 as business goals, strategies, and processes that help guide effective content and data capture, management, storage, preservation, and delivery • Not a tool or technology, but a comprehensive approach to content and data management • Includes document management, records management, image-processing applications, social content/collaboration, content workflow, packaged apps and integration, analytics, and extended components such as digital asset management and enterprise search

    Content Services and Intelligent Information Management

    • Content Services: a new way of thinking about utilizing information regardless of where it resides • Includes Content Services Applications, Platforms, and Components • Provides a more rapid and cost-effective way to deliver content services while maintaining an appropriate level of governance and compliance • Intelligent Information Management (IIM): integrates people, processes, information, and technology to achieve digital transformation

    Intelligent Document Processing (IDP)

    • Uses natural language technologies and computer vision to extract data from structured and unstructured content, especially from documents, to support automation and augmentation • Includes the ability to transform paper to images### Records Management Program Elements

    • A comprehensive records management program includes policy and procedure development, records inventory, appraisal, retention, and disposition, active files management, inactive files management, preservation and access, essential records protection, disaster recovery, and business continuity planning, and training and outreach programs.

    Records Management Activities

    • The World Bank's records management team is responsible for the strategic management of records and information, including:
      • Maintaining the WBG Management of Records Policy
      • Appraising the business, legal, and research value of records
      • Developing Records Retention and Disposition Schedules
      • Providing guidance and training on records management
      • Supporting the transfer of valuable records to the WBG Archives
      • Preserving analog and digital records of enduring value
    • Regulatory compliance is necessary to safeguard physical and electronic records, shield organizations from risk, and control costs.
    • Standards, technical reports, and guidelines provide a professional environment for best-practice procedures, enabling organizations to develop compliant records/information systems, policies, and procedures.
    • Types of standards include:
      • De facto standards (developed informally, widely accepted, and used often, e.g., QWERTY keyboard and GIF images)
      • De jure standards (adopted by an official standards-setting body, e.g., ISO)
    • Examples of ISO standards and technical reports relevant to RIM/IG:
      • ISO 15489-1:2016, Records Management, Concept and Principles
      • ISO/TR 15801:2017, Document management—Electronically stored information—Recommendations for trustworthiness and reliability
      • ISO 16175-1:2020, Information and documentation—Processes and functional requirements for software for managing records—Part 1: Functional requirements
      • ISO 16175-2:2020, Information and documentation — Processes and functional requirements for software for managing records — Part 2: Guidance for selecting, designing, implementing and maintaining software for managing records
      • ISO 18128:2024, Information and documentation—Records Risk: Risk Assessment for records management
      • ISO/TR 21946:2018, Appraisal for Managing Records
      • ISO 23081-1:2017, Information and documentation—Records management processes—Metadata for Records—Part 1: Principles
      • ISO 23081-2:2021, Information and documentation—Metadata for managing records—Part 2: Conceptual and implementation issues
      • ISO/TR 23081-3:2011, Information and documentation—Metadata for managing records—Part 3: Self-assessment method
      • ISO/IEC 27000 family, Information security management systems
      • ISO 30300:2020, Records management—Core concepts and vocabulary
      • ISO 30301:2019/Adm 1:2024, Information and documentation—Management systems for records—Requirements, Amendment 1: Climate action changes
      • ISO 31000:2018, Risk Management Guidelines

    Laws and Regulations

    • In 2010, 2 zettabytes (ZB) of data were created and replicated worldwide, projected to grow to 291 ZB in 2027.
    • IDc predicts that 80% of global data will be unstructured by 2025 and stored everywhere.
    • Records retention and disposition decisions will still be made about many high-value business records due to official actions.
    • Examples of key U.S. federal statutes related to records management:
      • National Archives Act of 1934
      • Federal Records Act of 1950
      • Freedom of Information Act (FOIA) of 1966
      • Privacy Act of 1974
      • Presidential Records Act (PRA) of 1978
      • Paperwork Reduction Act of 1995
      • U.S. Electronic Signatures in Global and National Commerce (ESIGN) Act of 2000
      • E-Government Act of 2002### Federal Records Management
    • The Code of Federal Regulations (CFR) is the codification of general and permanent rules published in the Federal Register by executive offices and agencies of the Federal Government.
    • Title 36 of the CFR is most relevant to Records and Information Management (RIM), covering topics such as creation and maintenance of federal records, records disposition programs, and electronic records management.

    United States Code (USC)

    • The USC is the consolidation and codification of the general and permanent laws of the United States.
    • Title 44 of the USC is especially relevant to RIM on the federal level, covering topics such as the National Archives and Records Administration (NARA), Presidential Records, and Records Management by Federal Agencies.

    Sarbanes-Oxley Act (SOX)

    • Enacted by the U.S. Congress in 2002 in response to the Enron and WorldCom financial scandals.
    • _administered by the Securities and Exchange Commission (SEC).
    • Applies to all public companies in the U.S., international companies that have registered equity or debt securities with the SEC, and the accounting firms that provide auditing services to them.
    • Contains three rules that affect the management of business records:
      • Destruction, alteration, or falsification of records.
      • Retention period for records storage of at least five years.
      • Types of business records that need to be stored, including electronic communications.

    Financial Industry Regulatory Authority (FINRA)

    • Requires brokerage firms and their registered representatives to operate fairly and honestly.
    • Governed by Rule 30 of the U.S. SEC Regulation S-P, firms must have written policies and procedures to safeguard customer records and information.
    • Provides guidance to firms through regulatory notices, including alerts on ransomware risks and strategies to defend against threats.

    Health Insurance Portability and Accountability Act (HIPAA)

    • Federal statute to standardize the electronic exchange of information between trading partners.
    • Establishes privacy and security standards to protect individually identifiable health information.
    • Healthcare-related organizations and employers outside of the health sector who store records regarding employee health must comply with HIPAA rules and regulations.

    Electronic Signatures in Global and National Commerce Act (E-SIGN)

    • Enacted by Congress in 2000 to facilitate the use of electronic records and signatures.
    • Ensures the validity and legal effect of contracts entered into electronically.
    • Requires businesses to obtain consumers' electronic consent or confirmation to receive information electronically that a law requires to be in writing.
    • Recommends maintaining a record of the transaction in the form of an audit trail.

    Federal Rules of Civil Procedure (FRCP)

    • Governs the conduct of civil actions brought into federal district courts.
    • Rules 26 and 27 govern the production of evidence in most federal court cases.
    • Amended in 2015 to impact e-discovery procedures, introducing the concept of proportionality and focusing on "failure to preserve Electronically Stored Information".

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    This quiz covers the importance of information governance in organizations, its evolution, and its significance in the current business landscape.

    More Like This

    Understanding Information Governance
    10 questions
    Data Management Principles Quiz
    37 questions
    Records Management: Information Governance
    13 questions
    Use Quizgecko on...
    Browser
    Browser