National City Financial Services Corporation: Governance Policy
VerifiedAdded on  2023/06/03
|10
|1972
|77
Report
AI Summary
This document presents an information governance policy tailored for National City Financial Services Corporation, a comprehensive financial institution offering diverse services from commercial banking to investment brokerage. The policy addresses critical aspects such as data confidentiality, integrity, and quality, along with regulatory compliance and staff training. Key procedures detailed include records management, content management, IT and data governance, information security, data privacy, risk management, litigation readiness, and long-term digital preservation. The policy also defines roles and responsibilities within the governance framework, emphasizing the importance of a business continuity plan and disaster recovery procedures to ensure operational resilience. The goal is to establish a standardized method for handling information, ensuring it is accessed, controlled, managed, shared, stored, preserved, and audited effectively, with the commitment of resources and compliance from all stakeholders.
Running head: Information Governance Policy
Information Governance Policy
National City Financial Services Corporation
Date
1
Information Governance Policy
National City Financial Services Corporation
Date
1
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Running head: Information Governance Policy
Contents
Introduction....................................................................................................................3
Purpose of the policy......................................................................................................3
National City’s approach to Information Governance...................................................3
Procedures in use in the organisation.............................................................................4
Records management.................................................................................................4
Content management..................................................................................................4
Information Technology and data governance...........................................................4
Information security...................................................................................................5
Data privacy...............................................................................................................5
Risk management.......................................................................................................5
Litigation readiness....................................................................................................5
Regulatory compliance...............................................................................................6
Long-term digital preservation...................................................................................6
Roles and Responsibilities.............................................................................................6
Business Continuity Plan...............................................................................................7
Disaster Recovery..........................................................................................................7
Conclusion......................................................................................................................7
Approval.....................................................................................................................8
References......................................................................................................................9
2
Contents
Introduction....................................................................................................................3
Purpose of the policy......................................................................................................3
National City’s approach to Information Governance...................................................3
Procedures in use in the organisation.............................................................................4
Records management.................................................................................................4
Content management..................................................................................................4
Information Technology and data governance...........................................................4
Information security...................................................................................................5
Data privacy...............................................................................................................5
Risk management.......................................................................................................5
Litigation readiness....................................................................................................5
Regulatory compliance...............................................................................................6
Long-term digital preservation...................................................................................6
Roles and Responsibilities.............................................................................................6
Business Continuity Plan...............................................................................................7
Disaster Recovery..........................................................................................................7
Conclusion......................................................................................................................7
Approval.....................................................................................................................8
References......................................................................................................................9
2
Running head: Information Governance Policy
Introduction
With information, one can do pretty much a lot of things in the digital world. With
information that is not governed and managed by policies and regulations, one can land
themselves in a mess, since information is a vital asset, both to people, property or
organizations. Information related to each of National City’s customers and their products is
highly sensitive, and for many of its association with governmental clients is top secret. (De
Haes & Van Grembergen, 2009).
For our case in the national banking organization, our services range from
commercial banking, mortgage, commercial and residential lending, investment/brokerage
services, administration of group retirement accounts for large corporate entities, online
banking/financial services and the organization also issues and services its own credit cards
in association with VISA.
So, information about National Citsy’s customers, the product/service offered, and
the particular customer account, credit cards, employees, organization’s assets e. t. c is of
great importance to the organization. (Vom Brocke & Rosemann, 2010). It is therefore of
more importance that data is efficiently controlled, and that the accurate policies, procedures,
management and accountability, and structures provide a strong governance system for
information control.
Purpose of the policy
This is a formal information management policy which gives an outlook of the
organisation’s strategy to information management. Its purpose is to provide a guideline on
the protocols used and details about the information governance management policies used to
govern the organisation. (Wu, Straub & Liang, 2015).
3
Introduction
With information, one can do pretty much a lot of things in the digital world. With
information that is not governed and managed by policies and regulations, one can land
themselves in a mess, since information is a vital asset, both to people, property or
organizations. Information related to each of National City’s customers and their products is
highly sensitive, and for many of its association with governmental clients is top secret. (De
Haes & Van Grembergen, 2009).
For our case in the national banking organization, our services range from
commercial banking, mortgage, commercial and residential lending, investment/brokerage
services, administration of group retirement accounts for large corporate entities, online
banking/financial services and the organization also issues and services its own credit cards
in association with VISA.
So, information about National Citsy’s customers, the product/service offered, and
the particular customer account, credit cards, employees, organization’s assets e. t. c is of
great importance to the organization. (Vom Brocke & Rosemann, 2010). It is therefore of
more importance that data is efficiently controlled, and that the accurate policies, procedures,
management and accountability, and structures provide a strong governance system for
information control.
Purpose of the policy
This is a formal information management policy which gives an outlook of the
organisation’s strategy to information management. Its purpose is to provide a guideline on
the protocols used and details about the information governance management policies used to
govern the organisation. (Wu, Straub & Liang, 2015).
3
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Running head: Information Governance Policy
National City’s approach to Information Governance
National City Financial Services Corporation seeks to implement its information
governance effectively and in a formal manner. (Smallwood, 2018)
1. Confidentiality assurance of information
2. Integrity of information maintained
3. High quality data support
4. Regulatory requirements met
5. Staff training on Information governance
6. Punishment of breaches of information policies
Procedures in use in the organisation
The policy of information governance is supported and fully justified by the
following procedures and key concepts:
Records management
This procedure considers the different types of records STP deals with through
the records inventory for a least one area of the organization. The organization must
have a records retention plan for purposes of litigation and e-discovery Identify the
types of records that may be periodically tagged for destruction, the ones that should
be archived, and those that are subject to long term digital preservation. (Tallon,
Ramirez & Short, 2013).
Content management
National City is focused on the security of their data and online transactions.
All the systems that are integrated with our content management systems must meet
rigid scrutiny of high standards and perform without failure. (Avril & Zumello, n.d.)
Information Technology and data governance
4
National City’s approach to Information Governance
National City Financial Services Corporation seeks to implement its information
governance effectively and in a formal manner. (Smallwood, 2018)
1. Confidentiality assurance of information
2. Integrity of information maintained
3. High quality data support
4. Regulatory requirements met
5. Staff training on Information governance
6. Punishment of breaches of information policies
Procedures in use in the organisation
The policy of information governance is supported and fully justified by the
following procedures and key concepts:
Records management
This procedure considers the different types of records STP deals with through
the records inventory for a least one area of the organization. The organization must
have a records retention plan for purposes of litigation and e-discovery Identify the
types of records that may be periodically tagged for destruction, the ones that should
be archived, and those that are subject to long term digital preservation. (Tallon,
Ramirez & Short, 2013).
Content management
National City is focused on the security of their data and online transactions.
All the systems that are integrated with our content management systems must meet
rigid scrutiny of high standards and perform without failure. (Avril & Zumello, n.d.)
Information Technology and data governance
4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Running head: Information Governance Policy
The implementation of Data Governance and Information Technology in
National City has impact to processes, organizational changes, and IT landscape
changes. For example, complex change of projects have limitations in IT and data
integration and how data governance will be successfully implemented.
Information security
Security of financial information, employee details, intellectual property, and
information generally from third parties should be managed confidentially and
successfully. Anyone breaching against the company’s IT security law must be
punished in accordance to the law stated in this policy (Vom Brocke, & Rosemann,
2010).
Data privacy
This ensures that a wide variety of document and image file types are securely
accessed, viewed and processed at the same time meeting or exceeding required data
privacy standards (Tallon, Ramirez & Short, 2013).
Risk management
This shows a procedural framework to build and implement risk control
measures and programs. Support and sustain risk management are high level
foundations and consist of risk management, objectives, policy, executive and
organizational order. (Luftman, Bulle, Liao, Nash, & Neumann, 2004) They must be
actionable and specific. They include, strategic plans, allocated budget,
responsibilities, and processes.
5
The implementation of Data Governance and Information Technology in
National City has impact to processes, organizational changes, and IT landscape
changes. For example, complex change of projects have limitations in IT and data
integration and how data governance will be successfully implemented.
Information security
Security of financial information, employee details, intellectual property, and
information generally from third parties should be managed confidentially and
successfully. Anyone breaching against the company’s IT security law must be
punished in accordance to the law stated in this policy (Vom Brocke, & Rosemann,
2010).
Data privacy
This ensures that a wide variety of document and image file types are securely
accessed, viewed and processed at the same time meeting or exceeding required data
privacy standards (Tallon, Ramirez & Short, 2013).
Risk management
This shows a procedural framework to build and implement risk control
measures and programs. Support and sustain risk management are high level
foundations and consist of risk management, objectives, policy, executive and
organizational order. (Luftman, Bulle, Liao, Nash, & Neumann, 2004) They must be
actionable and specific. They include, strategic plans, allocated budget,
responsibilities, and processes.
5
Running head: Information Governance Policy
Litigation readiness
There must be policies of litigation that have fully defined procedures in place
that are fully and properly enforced. There should be an updated records electronic
inventory records. (Luftman, Bulle, Liao, Nash, & Neumann, 2004).
Regulatory compliance
All the procedures and processes of the organization must comply with the
required regulations. Standards are built so that each company employee must adhere
to it and follow accordingly. (Soares, 2012).
Long-term digital preservation
For purposes of future reference and recovery of data, there must be ways to
preserve and store data in digital formats for long term purposes (Soares, 2012).
Business intelligence- Our organization must conduct market research on how
other banking institutions business intelligence solutions to reduce risks, improve
profitability and offer competitive advantage.
Roles and Responsibilities
Information Governance must also have a committee that performs certain
roles and responsibilities in order to ensure everything runs smoothly. (Vallabhaneni,
2008)They include:
ROLE RESPONSIBILITY
1. Executive Sponsor Handles all matters concerning funding of the
various projects.
2. Lead Project Manager Coordination of Information Governance
projects.
3. Information security team Enforcement of information security policies
and handling of security breach cases.
4. Business analyst Conducts research and provide information on
how to improve business operations.
5. Records analyst The collection, monitoring, and enforcement of
all records.
6. Training and user support Trains and educates users and staff on different
use of products.
6
Litigation readiness
There must be policies of litigation that have fully defined procedures in place
that are fully and properly enforced. There should be an updated records electronic
inventory records. (Luftman, Bulle, Liao, Nash, & Neumann, 2004).
Regulatory compliance
All the procedures and processes of the organization must comply with the
required regulations. Standards are built so that each company employee must adhere
to it and follow accordingly. (Soares, 2012).
Long-term digital preservation
For purposes of future reference and recovery of data, there must be ways to
preserve and store data in digital formats for long term purposes (Soares, 2012).
Business intelligence- Our organization must conduct market research on how
other banking institutions business intelligence solutions to reduce risks, improve
profitability and offer competitive advantage.
Roles and Responsibilities
Information Governance must also have a committee that performs certain
roles and responsibilities in order to ensure everything runs smoothly. (Vallabhaneni,
2008)They include:
ROLE RESPONSIBILITY
1. Executive Sponsor Handles all matters concerning funding of the
various projects.
2. Lead Project Manager Coordination of Information Governance
projects.
3. Information security team Enforcement of information security policies
and handling of security breach cases.
4. Business analyst Conducts research and provide information on
how to improve business operations.
5. Records analyst The collection, monitoring, and enforcement of
all records.
6. Training and user support Trains and educates users and staff on different
use of products.
6
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Running head: Information Governance Policy
7. System administrator Runs and maintains all software operation
systems.
8. Employees/Staff Ensuring that tasks of the organization are
performed and all policies are followed.
Business Continuity Plan
In a financial organization like the one mentioned above, it must be reliable,
available, and able to recover its networks, IT systems, and infrastructure. This
improves operations and functionalities of the organization. A business continuity
plan must be developed according to the size and complex nature of the organizations
and should be together with the business strategy of the company. (Vallabhaneni,
2008)
Business continuity plan helps us to reduce and cut financial losses, perform
our mandate with minimal external or internal disruptions which may adversely affect
business operations. (Vallabhaneni, 2008) This will be achieved by providing
redundant hardware, software and network components in order to curb failure and
allow for fast recovery in case of failure.
Disaster Recovery
When there is a problem of hardware malfunction, system faults, operations
errors or security breaches, the next step is executing the recovery plan alongside
response procedures. This plans should be updated at least annually. (Wu, Straub &
Liang, 2015). Periodical backups and contingency tests must be carried out regularly
for recovery. A separate recovery site or secondary storage must also be considered to
help restore critical operations and systems.
7
7. System administrator Runs and maintains all software operation
systems.
8. Employees/Staff Ensuring that tasks of the organization are
performed and all policies are followed.
Business Continuity Plan
In a financial organization like the one mentioned above, it must be reliable,
available, and able to recover its networks, IT systems, and infrastructure. This
improves operations and functionalities of the organization. A business continuity
plan must be developed according to the size and complex nature of the organizations
and should be together with the business strategy of the company. (Vallabhaneni,
2008)
Business continuity plan helps us to reduce and cut financial losses, perform
our mandate with minimal external or internal disruptions which may adversely affect
business operations. (Vallabhaneni, 2008) This will be achieved by providing
redundant hardware, software and network components in order to curb failure and
allow for fast recovery in case of failure.
Disaster Recovery
When there is a problem of hardware malfunction, system faults, operations
errors or security breaches, the next step is executing the recovery plan alongside
response procedures. This plans should be updated at least annually. (Wu, Straub &
Liang, 2015). Periodical backups and contingency tests must be carried out regularly
for recovery. A separate recovery site or secondary storage must also be considered to
help restore critical operations and systems.
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Running head: Information Governance Policy
Conclusion
To do this, National City Financial Services Corporation recognizes that in
order to support the organizational objectives, its Information Governance goal must
be to design and implement a plan/program that provides for a standardized and
systematized method of handling information wherein it can efficiently examine and
enforced how information is accessed, controlled, managed, shared, stored, preserved
and audited.
All National City Financial Services Corporation partners and owners are supposed to
be ensuring sufficient resources are given and also the assistance in order for the organization
to realize effective implementation of information governance in terms of compliance with
the regulations in place. (Vallabhaneni, 2008)
All the employees and employers are also supposed to ensure compliance with the
requirements of the information governance policy, in addition, they should be aware of all
procedures, structures, and guidelines put in place in order to support it. (Wu, Straub &
Liang, 2015).
Approval
Undersigned has approved and passed this policy and it can be reviewed annually for
amendments.
Name :
Date approved:
Review date:
8
Conclusion
To do this, National City Financial Services Corporation recognizes that in
order to support the organizational objectives, its Information Governance goal must
be to design and implement a plan/program that provides for a standardized and
systematized method of handling information wherein it can efficiently examine and
enforced how information is accessed, controlled, managed, shared, stored, preserved
and audited.
All National City Financial Services Corporation partners and owners are supposed to
be ensuring sufficient resources are given and also the assistance in order for the organization
to realize effective implementation of information governance in terms of compliance with
the regulations in place. (Vallabhaneni, 2008)
All the employees and employers are also supposed to ensure compliance with the
requirements of the information governance policy, in addition, they should be aware of all
procedures, structures, and guidelines put in place in order to support it. (Wu, Straub &
Liang, 2015).
Approval
Undersigned has approved and passed this policy and it can be reviewed annually for
amendments.
Name :
Date approved:
Review date:
8
Running head: Information Governance Policy
References
Luftman, J. N., Bullen, C. V., Liao, D., Nash, E., & Neumann, C. (2004). Managing
the information technology resource: Leadership in the information age.
Upper Saddle River, NJ: Pearson Education.
Soares, S. (2012). Big data governance: an emerging imperative. Mc Press.
De Haes, S., & Van Grembergen, W. (2008, January). Analysing the relationship
between IT governance and business/IT alignment maturity. In Hawaii
International Conference on System Sciences, Proceedings of the 41st
Annual (pp. 428-428). IEEE.
Wu, S. P. J., Straub, D. W., & Liang, T. P. (2015). How information technology
governance mechanisms and strategic alignment influence organizational
performance: Insights from a matched survey of business and IT
managers. Mis Quarterly, 39(2), 497-518.
Vom Brocke, J., & Rosemann, M. (2010). Handbook on business process
management (p. 3). Heidelberg: Springer.
De Haes, S., & Van Grembergen, W. (2009). An exploratory study into IT
governance implementations and its impact on business/IT
alignment. Information Systems Management, 26(2), 123-137.
Tallon, P. P., Ramirez, R. V., & Short, J. E. (2013). The information artifact in IT
governance: toward a theory of information governance. Journal of
Management Information Systems, 30(3), 141-178.
Vallabhaneni, S. (2008). Corporate management, governance, and ethics best
practices. Hoboken, N.J.: Wiley.
Avril, E., & Zumello, C. n.d New technology, organizational change, and
governance.
9
References
Luftman, J. N., Bullen, C. V., Liao, D., Nash, E., & Neumann, C. (2004). Managing
the information technology resource: Leadership in the information age.
Upper Saddle River, NJ: Pearson Education.
Soares, S. (2012). Big data governance: an emerging imperative. Mc Press.
De Haes, S., & Van Grembergen, W. (2008, January). Analysing the relationship
between IT governance and business/IT alignment maturity. In Hawaii
International Conference on System Sciences, Proceedings of the 41st
Annual (pp. 428-428). IEEE.
Wu, S. P. J., Straub, D. W., & Liang, T. P. (2015). How information technology
governance mechanisms and strategic alignment influence organizational
performance: Insights from a matched survey of business and IT
managers. Mis Quarterly, 39(2), 497-518.
Vom Brocke, J., & Rosemann, M. (2010). Handbook on business process
management (p. 3). Heidelberg: Springer.
De Haes, S., & Van Grembergen, W. (2009). An exploratory study into IT
governance implementations and its impact on business/IT
alignment. Information Systems Management, 26(2), 123-137.
Tallon, P. P., Ramirez, R. V., & Short, J. E. (2013). The information artifact in IT
governance: toward a theory of information governance. Journal of
Management Information Systems, 30(3), 141-178.
Vallabhaneni, S. (2008). Corporate management, governance, and ethics best
practices. Hoboken, N.J.: Wiley.
Avril, E., & Zumello, C. n.d New technology, organizational change, and
governance.
9
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Running head: Information Governance Policy
Smallwood, R. (2018). Information Governance (Pp. 23-30). [S.L.]: John Wiley &
Sons.
10
Smallwood, R. (2018). Information Governance (Pp. 23-30). [S.L.]: John Wiley &
Sons.
10
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.