Content - DK

3 Steps to Protect Your Professional Services Firm Reputation with Information Security

Issue link:

Contents of this Issue


Page 4 of 7

PROTOCOL 3 Steps to Protect Your Accounting Firm's Reputation with Information Security According to a 2017 M-Files and AIIM survey, one in three workers feel that data protection at their organization is insufficient. Furthermore, roughly 30% of organizations do not have a formally documented policy about how company information is stored, managed and shared. This demonstrates an apparent gap in how organizations tackle information security with protocol and governance. Protocol is not just for compliance. Rather, protocol is a protection mechanism for your business. Without protocol, staff is unable to contribute to security efforts. Accounting firms must establish both their proactive and reactive strategies for information security. These strategies should be documented, distributed, and tested often. Once these items are defined, organizations can then build technical and management systems to ensure these strategies are implemented. Some of these strategies can include items like: PROTOCOL 1. Incident plans and testing protocols. Incidents will occur that compromise data. It's important to strategize and document the protocols to identify and contain breaches caused by attacks, system glitches or human error. This way, incident teams and staff know exactly what to do when information is compromised. It's equally important to create procedures around testing. 2. Prevention protocols. No preventative action can completely eliminate threats, but they can significantly mitigate risk. When considering preventative strategies, it's best to first list all the possible scenarios that need to be prevented, ranging from situations like staff sharing the wrong information externally to massive data breaches where thousands of records are compromised. For more comprehensive models on how to approach information governance and protocol, we suggest starting with The Information Governance Reference Model (IGRM). For accounting firms, protocol defines the big picture and gets everyone on the same page when it comes to operations about information security.

Articles in this issue

view archives of Content - DK - 3 Steps to Protect Your Professional Services Firm Reputation with Information Security