ITS833 Information Governance Case Study
INSTRUCTIONS: While it should go without stating, information related to each of STP’s customers and the products that you are transporting for them is highly sensitive, and in some cases top secret. You want to make sure that any IG Program that STP ultimately implements will allow STP to retain all of the information about its customers, the product transported, and the particular haul that it is required to keep pursuant to federal and state law. You want to insure STP that the proper information will be retained that it might need for purposes of litigation and e-discovery. At the same time, you don’t want STP to keep unnecessary information for extended periods of time, thereby increasing the cost and time involved with processing and retention.
Respond to the following questions:
- First, select and list 10 individuals to serve on your IG project team. Explain why you selected the team members that you did.
- Conduct the necessary research for each of STP’s state of home office (Kentucky), and for the state of each of its primary hubs (Texas and California), that will allow you to (a) educate yourself and your team members on the mandatory information retention requirements and privacy consideration for each of the three states, and (b) be able to intelligently discuss the legal and regulatory requirements with in-house counsel. You will want to conduct internet research on this and may also want to review Appendix B in your text book. Do not ignore this area of the project.
- Ultimately, your team will be required to create a “risk profile” and risk analysis, that will describe the set of risks facing STP in achieving its business objectives while protecting its information and that of its customers, LJPs and ISAs, and which will allow STP to assess the likelihood these risks hold and their potential impact, if materialized, and in addition will permit STP to identify risk mitigating factors to be implemented. You need to brainstorm in order to present the information to your team members that will facilitate the creation of a risk profile and analysis. To that end, create a top-10 list of the greatest risks to information that STP will face, ranking your list in order from highest or greatest risk to lowest, for each risk identified, state whether you believe the risk could be assumed, transferred or mitigated in full or in part. Also, for each risk identified identify the individual, title or business unit that the team member will want to contact in order to obtain additional information about the fundamental activity that will assist your team in fully completing the risk profile and analysis. This phase (phase I) of your project is due no later than May 27, 2018. It should be completed in a WORD format. Use 1 inch margins on each page. Include a cover page that will contain the Course name and number, semester term, your full name, student id, and the title “STP IG PROGRAM IMPLEMENTATION – PHASE 1”.
You should submit this assignment using iLearn. Go to the content section where you will see a folder labeled “SEMESTER PROJECT-STP”. Select that folder. You will then see selections for submitting Phases I, II, and III. Please select Phase I, and upload the WORD document that you created.