New Zealand


  • Service: Advisory, IT Advisory, Performance & Technology
  • Industry: Government
  • Type: White paper
  • Date: 22/05/2014


Grant Riley

Director, IT Advisory

+64 4 816 4878

Are we locking the door on our information gold mines? 

On 5th August 2011, a manager from the Accident Compensation Corporation (ACC) sent an email to one of its clients. Not an unusual activity, except for that fact that they had inadvertently attached a file containing the private details of 6,748 clients. The breach was made public on 13 March 2012, and the resulting investigation sent ripples throughout the public sector and beyond. The topic of privacy quickly gained the serious attention of boards and executives throughout the country – in many cases for the first time.


What followed was a myriad of other publicised breaches, but none more so than the security breach of the Ministry of Social Development’s Work and Income’s public kiosks. This event subdued any remaining voices that believed the ACC event was just an anomaly.


Indeed, the report commissioned by the Head of State Services found fundamental issues with risk and security management across a wide range of agencies. Our view is that the private sector would have fared no differently under similar scrutiny.


locking the door on our info gold mines
Download Now
PDF files require Adobe Reader to view

The last few years have been dominated by (largely) tactical responses to the security and risk management issues outlined in the report. This has been entirely appropriate and necessary to protect the information holdings of the private and public entities in which we trust our private information.


It goes without saying that there remains much to do. However we caution against viewing information¹ assets purely through the lenses of security, privacy and risk. To do so diminishes the opportunity to use our information assets to make New Zealand a better place in which we live and work. It is time to bring some balance back to how we view our information assets.


This article cover the following key points:

  • The need for the public sector to start consider the value side of information assets as well as the risk side
  • How information asset management helps manage both the risk and value of information assets
  • How IAM in the public sector leads to better public policy design and performance management
  • A conceptual architecture for the sector
  • How to start

 Share this Thought Leadership

IT Advisory Services

KPMG's IT Advisory (ITA) professionals can help you manage technology related risks to meet your strategic and financial goals.


We work closely with central and local governments to improve their quality of services, productivity and value for money.