Effective Information Management: Selection, Security & More
1.3 Information Selection
Information selection is the process of assessing, discriminating, and filtering information based on a company’s objectives or needs. Companies select information according to certain criteria, such as:
- Costs of profitability
- Information use and interest: Some information may not be relevant if it is duplicate, outdated, or lacks interest for the target audience.
- Reliability: Information must be verified, checked, and reliable.
- Available time: More time allows for more accurate information gathering.
- Nature of the information: The medium in which the information is collected.
- Source of information: Prioritize reliable data sources.
- Objectivity
An internal auditor performs quality controls to verify that procedures are correctly executed and that information meets the company’s objectives.
1.4 Interpretation and Presentation of Information
Selected and collected information is analyzed and presented to facilitate business decisions. Common formats include:
- Reports
- Summaries or syntheses
- Schemes or diagrams
- Reviews (summaries including personal judgment)
- Tables
- Graphs (bar, sector, line charts for quick visualization)
1.5 Information Security
Information security encompasses measures to protect sensitive company information.
In Spain, the Spanish Agency for Data Protection enforces data protection legislation and imposes fines for violations of the Data Protection Act.
Security ensures that information retains its key qualities:
- Confidentiality: Only authorized personnel have access.
- Integrity: Information remains free of unauthorized changes or omissions.
- Availability: Authorized users can access information when needed.
Mechanisms to Provide Information Security
These can be divided into two groups:
1. Communications Security
1.1 Digital or electronic signature: A set of protocols to prove the authenticity of a digital message or document. Used in electronic business contracts, electronic invoices, and trusted timestamping, which proves the existence of electronic data. Applications include electronic invoices and contracts, electronic visas, and authorship protection.
2. Storage Security
Physical measures are taken for paper files.
- Firewall: A security system to prevent unauthorized network access.
- Antivirus: A computer program that prevents virus activation.
- Administration of user accounts: Manages access privileges.
- Data recovery: Backups or duplicates of relevant information.
Hackers: Individuals with advanced computer skills, especially in security.
Crackers: Individuals who use computer skills for personal gain.
Script kiddies: Amateur computer enthusiasts.