kosemlask 9.1

Information Security

With a background from IT Security iFACTS has developed a process and software for information security. The initial initiative was taken in close cooperation with customers like Helsingborg and E.ON. Today this part of the application is also used by Getinge, Ringhals/Vattenfall, Malmö Stad, Göteborgs Energi and Länsförsäkringar. Ulf Åkesson, CISM certified consultant with iFACTS leads the work.

Most would agree that information is absolutely vital to the organization. But it is also very challenging to define and control.

One should ask: What information is most important? In this context, information handled by IT solutions.

The iFACTS method describes the importance of having information belong to the business process. Information is often so intimately connected to the process that it is preferable to handle it as a natural part of the process. Hence, typical information needs to correspond to the needs of business processes, such as:

  • Compliance
  • Implementation in IT solution
  • Security and Risk management

Controlling information often becomes an Information Security or IT Governance issue. Information confidentiality, integrity, and availability must be safeguarded. Recognizing the dependencies between information, IT systems, and IT resources is important in order to fully understand the value chain.

But more is needed. Information, often managed by the CIO (Chief Information Officer), must be described in the context of process activities and information attributes. Information should be coordinated within the organization to avoid duplication. The iFACTS method includes a cohesive approach to information handling supported by the iFACTS software platform.

Web technology aids information responsibles with registration, structure and documentation. Common work steps include documenting information attributes, defining ownership, and creating the dependency line to relevant databases (master data).