Information is the life blood of modern commerce, and is as exposed to risk as any other corporate asset, but the extent and variety of the risks are still not fully appreciated by many organisations. While ‘hacking’ and data breaches receive the greatest public attention, they are only a small part of the problem. The totality of the risk includes not only hazards to the information itself, but the possible extent of consequential and collateral harm from, for example:And then there's the nature of risk itself. The European General Data Protection Regulation (GDPR) has drawn attention to the obligation to consider not only risk to your business but risk to others, and in some cases (notably the processing of personal data) risk to others must be the paramount concern. The GDPR also specifically requires risk assessment to be objective, which may severely challenge much established practice. But information risk management is much more than just compliance with personal data protection legislation. BiR Management Consulting can guide and support your efforts in minimising the risk to both yourselves and to third parties that results from processing information, whether it involves personal or corporate data.
relying on incomplete or inaccurate information
not having sufficient rights in the information
failures by third party data processors
non-compliance with statutory obligations
unreliable or inconsistent risk assessment