Book contents
- Frontamtter
- Contents
- List of Acronyms
- List of Figures and Tables
- List of Case Studies
- Introduction
- 1 Copyright and Related Rights
- 2 Data Protection
- 3 Freedom of Information
- 4 Governance, Audits and Risk Assessment
- 5 Policies
- 6 Procedures: Copyright and Related Rights
- 7 Procedures: Using and Negotiating Licences for Access to Information Resources
- 8 Procedures: Data Protection and Freedom of Information
- 9 Tools and Templates
- 10 Awareness and Engagement
- 11 Some Speculations About the Future
- Appendix 1 Carrying out an Information Asset Audit
- Appendix 2 Sample IP Policy
- Appendix 3 Sample Data Protection Policy
- Appendix 4 Possible Contractual Terms for Online Access to Database Service
- Appendix 5 Data Protection Privacy Notice Template
- Bibliography
- Index
Appendix 1 - Carrying out an Information Asset Audit
Published online by Cambridge University Press: 29 July 2020
- Frontamtter
- Contents
- List of Acronyms
- List of Figures and Tables
- List of Case Studies
- Introduction
- 1 Copyright and Related Rights
- 2 Data Protection
- 3 Freedom of Information
- 4 Governance, Audits and Risk Assessment
- 5 Policies
- 6 Procedures: Copyright and Related Rights
- 7 Procedures: Using and Negotiating Licences for Access to Information Resources
- 8 Procedures: Data Protection and Freedom of Information
- 9 Tools and Templates
- 10 Awareness and Engagement
- 11 Some Speculations About the Future
- Appendix 1 Carrying out an Information Asset Audit
- Appendix 2 Sample IP Policy
- Appendix 3 Sample Data Protection Policy
- Appendix 4 Possible Contractual Terms for Online Access to Database Service
- Appendix 5 Data Protection Privacy Notice Template
- Bibliography
- Index
Summary
Organisations hold ‘information assets’. An information or data asset is a body of information, defined and managed as a single unit so it can be understood, shared, protected and exploited effectively. Information assets have recognisable and manageable value, risk, content and lifecycles. The first step in GDPR compliance is an information asset audit. This will also help you map the data flows in your organisation and work out what data you are holding and how it supports your business.
An organisation needs to know:
1 which information assets it holds – this can be held in an Information Asset Register
2 which information assets contain personal data and sensitive personal data
3 detailed information about the basis of processing personal data within individual information assets.
- Type
- Chapter
- Information
- Information LawCompliance for Librarians, Information Professionals and Knowledge Managers, pp. 157 - 158Publisher: FacetPrint publication year: 2020