The last few years have been dominated by (largely) tactical responses to the security and risk management issues outlined in the report. This has been entirely appropriate and necessary to protect the information holdings of the private and public entities in which we trust our private information.
It goes without saying that there remains much to do. However we caution against viewing information¹ assets purely through the lenses of security, privacy and risk. To do so diminishes the opportunity to use our information assets to make New Zealand a better place in which we live and work. It is time to bring some balance back to how we view our information assets.
This article cover the following key points:
- The need for the public sector to start consider the value side of information assets as well as the risk side
- How information asset management helps manage both the risk and value of information assets
- How IAM in the public sector leads to better public policy design and performance management
- A conceptual architecture for the sector
- How to start