Information audit

by

Information Audit. Global diagnosis of the way information is used in an organization, in order to determine the information it needs to satisfy its objectives, and thus function properly.

Summary

[ hide ]

  • 1 Definition
  • 2 Characterization
  • 3 Objective
  • 4 Solutions
  • 5 Processes that define it
    • 1 Physical inventory
    • 2 Mapping information
    • 3 Analysis of information needs
    • 4 Control processes
  • 6 Methodologies for information auditing
  • 7 Elements of an information audit
  • 8 References
  • 9 Sources

Definition

Jesús Tramullas states that: “information auditing is the process (and the methods and techniques used) to discover, control and evaluate the information flows and resources of an organization, both internal and external. Its purpose is to develop the management of information in the organization ” [1]

Characterization

Specialized nature of the audit of Information Systems and the skills necessary to perform such audits require the development and adoption of general rules for the audit of Information Systems.

Information systems auditing is defined as any audit that encompasses the review and evaluation of all aspects (or any portion of them) of automatic information processing systems, including the non-automatic procedures related to them and the corresponding interfaces.

It allows to have a general understanding of the operation and characteristics of the system, before it is subjected to usability evaluations.

Evaluate elements such as: information resources, uses that can be made of the system, information flows, characteristics of the support and types of interaction that the system allows, among others.

objective

The objective is to ensure that the information that will circulate through the system is the most appropriate for the organization. Through the Information Audit, it is intended that the organization only receives information that is relevant to its interests, thus reducing silence (not obtaining relevant information) and noise (obtaining non-relevant information) and information requirements. of the organization (that is, of the information it needs to function properly).

According to Jesús Tramulla, the information audit should:

  • Identify information resources (IR).
  • Identify information requirements.
  • Identify flows and processes.
  • Identify costs and benefits of IR.
  • Identify opportunities for use of IR.
  • Integrate the IR with the objectives of the organization.
  • Evaluate compliance with existing regulations on information and its use. [two]

Solutions

The information audit will help to identify:

  • Duplicities: Within the same organization, sometimes the same information is created and stored independently.
  • Shortcomings: Not sharing information produces gaps that threaten the proper functioning of certain business units within the organization.
  • Inconsistencies: Keeping the same information independently can lead to conflicting information. [3]

Processes that define it

Physical inventory

Identification and categorization process of information resources . This allows a diagnosis to be made of the information resources offered by a certain technology or system .

Information mapping

It constitutes a graphic way of representing the information resources that exist in the organization and the interrelation between them. This allows understanding of flows, types of interactions, storage mechanisms and how they are updated.

Analysis of information needs

Its main purpose is to determine what information is required by users and the entity-institution- company to achieve their objectives.

Control processes

It consists of identifying the self-regulation, verification and control mechanisms that the studied information system has .

Information audit methodologies

Currently, there is no standard methodology for conducting an information audit, however, a series of activities and techniques can be developed that can help to carry them out:

  • Physical inventory: itis the process of identification and categorization of information resources in a systematic way. In this way, a photograph of what the organization has in terms of information resources at a given time is provided.
  • Information mapping (Infomap): itis a graphic way of representing the information resources that exist in the organization and the interrelationships between them. The resource map indicates how basic information resources are, how they are positioned (geographically, departmentally, from a technical point of view), how they interact, who uses them, who is responsible, etc.
  • Analysis of the information needs:its main purpose is to determine what information is required by the employees and the management of the organization to develop their roles and achieve the objectives.
  • Processcharts and workflows: Process charts together with workflows can be a good working tool in the field of information audits.
  • Control and verification processes:in an information audit, the control and verification processes must also be established.

The result of these processes can consist of a report or even a certificate confirming that everything is correct or that includes recommendations for improvement. It should be borne in mind that the information resources map , or documentary map, may constitute one of the main results of the information audit process.

In the case of the documentary map, it details which documents are within the organization, to what type of functions are they linked and respond, who has responsibility and access to those documents, in what medium are they available, where and how they are accessible and what relationship or level of integration they have with the rest of the organization’s information systems . The location of all documents within the standards and procedures of the organization is also established, as well as their value for corporate knowledge.

Elements of an information audit

The information audit should relate what is found to the objectives of the organization, as well as relate them to the organizational culture , in addition to helping to decide how the organization should develop an information policy.

With the audit, the aim is to make a diagnosis of the shortcomings of the current situation, whether it is duplication of information such as lack thereof, underutilization of resources, incompatibility and / or obsolescence of systems, training deficiencies within the group of members of the organization, extraordinary resource needs and insufficient personnel.
The elements that must constitute an information audit are:

  • Identification of resources and information flows.
  • Assessment of the effective use made of available information technologies.
  • Controland rationalization of costs.
  • Marketingof the unit and its informative products.
  • Design of the tasks of the people who work with informationwithin the unit.

 

Related Posts:

by Abdullah Sam
I’m a teacher, researcher and writer. I write about study subjects to improve the learning of college and university students. I write top Quality study notes Mostly, Tech, Games, Education, And Solutions/Tips and Tricks. I am a person who helps students to acquire knowledge, competence or virtue.

Leave a Comment