ROLLING MEADOWS, Ill.--(BUSINESS WIRE)--Big data—dubbed “the new oil” by the World Economic Forum—can improve decision making, reduce time to market and increase profits. But it can also raise significant risk, ranging from disastrous data breaches to privacy and compliance concerns. To help enterprises retain control of their massive and fast-changing information, ISACA has issued new guidance available freely at www.isaca.org/privacy-and-big-data. Privacy and Big Data: An ISACA White Paper outlines critical governance and assurance considerations as well as key questions that must be answered.
“CIOs are often under pressure from the board and senior leadership to implement big data before proper risk management and controls are in place, in order to compete in the marketplace,” said Richard Chew, CISA, CISM, CGEIT, a developer of the ISACA paper and senior information security analyst at Emerald Management Group. “Big data provides an important opportunity to deliver value from information, but an enterprise will be more successful in the long run if policies and frameworks such as COBIT are put into place first.”
According to Privacy and Big Data, enterprises must ask and answer 16 important questions, including these key five, which—if ignored—expose the enterprise to greater risk and damage:
1. Can we trust our sources of big data?
2. What information are we collecting without exposing the enterprise to legal and regulatory battles?
3. How will we protect our sources, our processes and our decisions from theft and corruption?
4. What policies are in place to ensure that employees keep stakeholder information confidential during and after employment?
5. What actions are we taking that create trends that can be exploited by our rivals?
As big data grows, enterprises need a robust data privacy solution to help prevent breaches and enforce security in a complex IT environment.
“To streamline the governance, risk management and effective delivery of big data implementation projects, many enterprises are implementing COBIT, a customizable framework developed by global subject matter experts,” said Yves LeRoux, CISM, CISSP, chair of ISACA’s Data Privacy Task Force and technology strategist at CA Technologies. “By using COBIT, enterprises can more easily identify sensitive data, ensure that the data are secured, demonstrate compliance with applicable laws and regulations, proactively monitor the data, and react and respond faster to data or privacy breaches.”
The COBIT 5 framework can be downloaded free of charge at www.isaca.org/cobit. Privacy and Big Data is available freely at www.isaca.org/privacy-and-big-data . Additional privacy and big data discussions, links and resources can be found in ISACA’s Knowledge Center in the Privacy/Data Protection and Big Data communities.
With more than 110,000 constituents in 180 countries, ISACA® (www.isaca.org) helps business and IT leaders maximize value and manage risk related to information and technology. Founded in 1969, the nonprofit, independent ISACA is an advocate for professionals involved in information security, assurance, risk management and governance. These professionals rely on ISACA as the trusted source for information and technology knowledge, community, standards and certification. The association, which has 200 chapters worldwide, advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor® (CISA®), Certified Information Security Manager® (CISM®), Certified in the Governance of Enterprise IT® (CGEIT®) and Certified in Risk and Information Systems Control™ (CRISC™) credentials. ISACA also developed and continually updates COBIT®, a business framework that helps enterprises in all industries and geographies govern and manage their information and technology.
Follow ISACA on Twitter: https://twitter.com/ISACANews