Information Governance and Technology Risks in NHS 2013

Post on 25-Jun-2015

description

A presentation on Information Governance and Technology risks in the new NHS and making use of your internal audit resources to gain adequate assurance.

Transcript of Information Governance and Technology Risks in NHS 2013

Information Governance and Technology Risks

NHS 2013

A Brave New World …

Peter Sheppard, South Coast Audit

Purpose of Session

Food for thought – Recognising Information and Technology risks

Constructive challenge – Posing the right questions to management

Internal Audit – Making effective use of your Internal Audit resources to obtain assurance.

The brave new world….

Governing Information Risk – Context and Expectations

Information risk to be managed in a robust manner

Assurance to be provided in a consistent manner

Structured approach is necessary

– Identify Information Assets

– Assign ownership

– Formalise and standardise information risk management

Builds upon existing NHS Information Governance

Information Risk Management Roles

Managing Informatics Risks

[Diagram labels: Risk Mitigation; Training; Policies; Integrity; Confidentiality; Availability; Obsolescence; Investment; Strategy; Testing; Processes; Innovation; Patient Safety; Technical controls; Project Management]

Source: ISACA

Consumerization of technology

Bring Your Own Device (BYOD): Improving efficiency and effectiveness?

Empowering staff

Mobile working (getting care closer to patient)

Flexibility

Saving office costs

Enabling future organisational development

Does BYOD fit organisational needs?

BUSINESS CASE

Bring Your Own Device (BYOD): Risks… the flip side

Sensitive Data Leakage

Unauthorised connection & Interception

Malware & data retrieval

Usability

Support costs

Theft

How do we mitigate the risks?

BYOD: Ideas to mitigate risks…

Risk mitigation

Policy & Standards

Device Management

Remote wipe and tracking

User Support and Training

Virtual Desktop Infrastructure

Encryption

Access Controls

Assurance through Management and Internal Audit … Talk to us!

Informatics supports modern business processes.

Expect your management team to provide assurance

Use internal audit to gain independent assurance on the control environment

We can help by integrating Informatics Assurance within Internal Audit plans, Governance and Risk Management, as well as providing independent support and advice.

Peter Sheppard BSc (Hons) CISA CITP MBCS MRSC

Associate Director of IM&T Audit Services

01424 77 67 50 peter.sheppard@nhs.net