Information Life Cycle

“Innovation is Not Using Blue Print Solutions and Not Re-inventing the Wheel”

According to the Wikipedia, “Information, in its most restricted technical sense, is a sequence of symbols that can be interpreted as a message.”

For many organizations in the financial, insurance, industrial, healthcare, government and other sectors, Information is defined as an Asset value that requires to be managed and handled according to it's value for the respective organization.

From creation to deletion, archiving and/or permanent removal, the Information Life Cycle provides the necessary governance framework for the proper handling of Information, in context of any external legal and/or regulatory requirements as well as the defined value of the Information to the organization.

Information Security utilizes technology and processes to enable the desired handling of Information within it's life cycle management. This may be achieved by using encryption for maintaining the confidentiality of the Information in Transfer and Storage, or implementing an Identity Management System for ensuring the desired level of authentication and authorization, or by establishing an organizational process for assigning Information Owners or handling defective hardware.

SIRA defines and develops new methodologies to support local and globally active organizations to Identify, Assess and Mitigate any gaps and none compliance across the complete suite of technologies and processes used for maintaining the organization's Information Life Cycle.

SIRA's assessments identify risks and propose mitigating measures and controls according to Confidentiality, Integrity, Availability and Accountability requirements of organizations.

Question: Would you agree to the following definition?

1. Data = A series of 1's and 0's.
2. Information = Data that is received and the content/message of which is understood.
3. Knowledge = Applying the Information that is received.

Let us know what your thoughts are? sira@swiss-risk.ch