Login
SignUp
Contoural - Information Governance Management & Monitoring Services

Ongoing Information Governance Management and Monitoring Services

STRATEGIC FOUNDATIONAL EXECUTION MANAGEMENT
Maturity
Assessment &
Strategic
Roadmap 		Records/Data Retention
Policy & Schedule Data Security
Classification Policy 		AI
Governance Privacy
Program 		Discovery
Response &
Legal
Hold Privacy
Program 		Governance
Processes
and
Procedures 		Data
Placement &
Automation 		Behavior
Change
Management
& Training 		Legacy
Document &
Data Disposition 		Ongoing
Management &
Monitoring
Information Governance Organizational Development
Records Management and Privacy Policy Refresh
Annual or periodic updates of Information Governance records management schedules/data retention polices, and privacy policies and notices. These refreshes identify new or updated legal and regulatory recordkeeping requirements, updated or emerging privacy rules, new record types being created or received, new personal information being created or received and identify older records or personal information no longer being received. This service can be performed on a predetermined yearly, 18-month or other term.
Information Governance Program Audit
Designs and execution of Information Governance program audit, focusing on records management, privacy, legal hold and other processes. Reviews individual components of Information Governance program, as well as integration and coordination across different functions. Identifies any weaknesses, develops and executes remediation strategies, and reassess updated program elements for compliance.
Fractional and Transitional Records Manager
Part-time extended period or full-time transitional staffing position who supports and drives day-to-day records program. Provides training and development for department records coordinators. Fields records management policies, and document retention processes and procedures. Participates and drives Information Governance and records management Steering Committee meetings. Develops and updates program communications. Manages cleanup weeks.  Develops communications, manages cleanup weeks, and coordinates information mapping and data migration activities.  Support implementation of Information Governance and records management technology. This position is flexible and can be staffed full-time, part-time with a specific number of days per week, or for a specific transitional period.
Fractional and Transitional Privacy Manager
Part-time extended period or full-time temporary privacy managers to assist organizations on the day-to-day management of their privacy programs. Serving as the principal advisor to senior management concerning privacy policies and practices, tasks include day to day support of privacy programs, executing privacy training, managing subject access requests and deletion, and managing and driving a privacy implementation roadmap.  The Privacy manager participates in privacy and governance Steering Committee meetings and supports the development of departmental and division privacy coordinators.  A key function will be coordinating privacy activities with other functions, including records management, eDiscovery data governance and information security. This position is flexible and can be staffed full-time, part-time with a specific number of days per week, or for a specific transitional period.
Fractional Microsoft 365 Manager

Part-time extended period or full-time transitional Microsoft 365 manager who supports and assists Microsoft 365 administration and deployment. This may include providing as needed subject matter expertise, fielding questions, departmental or workgroup file mapping, Microsoft 365 configuration, training or help desk support. Additional this staff can manage and drive Information Governance implementation roadmaps, coordinate and run steering committee meetings and assess and audit configurations. This position is flexible and can be staffed full-time, part-time with a specific number of days per week, or for a specific transitional period.

Top Three Information Governance Management And Monitoring Resources

Click Here For More Resources
More Resources

Essential Ongoing Management And Monitoring Questions

  • How do we update our records retention policies and schedules? How do ensure compliance with new or changed recordkeeping requirements? Are we operating in any new countries does our schedule reflect those new requirements?
  • How do we ensure our records schedule addresses records from newly added business units? Are we receiving or creating any new types of records? Does our schedule contain any old records that we are no longer creating and have expired?
  • Has our records retention schedule been updated to reflect the retention of personal information? Have we documented the legitimate business need for retaining this information?
  • Have we updated our privacy policies to reflect updated privacy requirements? Have any new privacy rules been enacted? Are we operating in any new countries with either existing or new privacy rules?
  • Is incident response program up to date to reflect privacy requirements? Are we up to date on all the reporting requirements in the event of a breach?
  • Do we have the in-house expertise to manage our records program? Do we have the in-house resources to manager our records program on a day-to-day basis?
  • Do we have the in-house expertise to manage our records program? Do we have the in-house resources to manager our records program on a day-to-day basis?
  • Do have the in-house expertise to manage our privacy program? Do we have the resources to respond to day-to-day privacy requests?
  • Have we identified a Chief Privacy Officer? Do we require a Chief Privacy Officer for all the countries that we operate?
  • Do we have the staffing to proactively support our Incident Response in the event of a privacy breach?

Contoural's Ongoing Information Governance Management and Monitoring Approach

Information Governance Audits
The regular examination of a user and system conformance and compliance to intended rules is important not only for ensuring that the approach is working but also for providing program defensibility in the event it is challenged. Results of ongoing audits drive regular re-examination and refresh of policies, processes, and procedures. Any weaknesses identified during an audit should be remediated. Likewise, audits should be an ongoing process to ensure continued compliance.
Updated Records Retention Schedules
A records retention schedule/data retention must be periodically reviewed and updated. As new record types are created, old record types become obsolete; and legal citations change and new recordkeeping regulations come into play.  Updates should include reviewing and updating legal citations and retention periods, identifying new records types, and evaluating records retained for business value on a regular basis. Updated schedules should be reviewed and validated by business units.
Risks of Auto-updating Schedules
Legal and regulatory recordkeeping requirements change periodically. Technology now permits schedules to be managed and automatically updated online as laws and regulations change. Having automatically updated retention periods may seem more compliant, but they present a new type of risk. Regulators are looking for companies to demonstrate they are following their policies. If a schedule gets updated every month, a company in turn would need to update their record processes and training also every month. As soon as a company’s policy changes, there is an expectation that the record processes will be updated concurrently. This amount of process change is challenging for most organizations. This increases the likelihood there will be a gap between policy and implementation.
Contoural

Contoural is the largest independent provider of strategic Information Governance, Privacy, and AI Governance consulting services, including records and information management, litigation readiness and control of privacy and sensitive information.

Quick Links
Help and Support
Legal
Social

Copyright 2024. All Rights Reserved