Friday, March 13, 2009

Information Management Compliance: Highlights of chapter 4 of the second edition of Information Nation

Information Management Compliance is, as the term implies, the fusion of the Compliance discipline with Information Management activities. It involves developing Information Management criteria in accordance with legal, regulatory and business needs, and implementing controls designed to ensure compliance with those criteria. An effective Information Management program uses both best practices and risk management strategies.

There are two broad categories of compliance criteria in Information Management: external sources, such as laws (Sarbanes-Oxley, for example), regulations or industry standards; and internally developed criteria, which can be based on guidance from industry associations or on operating procedures developed by virtue of the organization’s experience.

The second edition of Information Nation shows you how to establish your own compliance criteria, and explains the pitfalls of failing to do so. The new book examines how information management compliance failures affected Morgan Stanley, and provides lessons learned for your organization.

The new book is available from John W. Wiley & Sons. For more information, see

Comments? Contact the author at
