Data governance (DG) comprises a combination of processes, procedures, standards, organizational bodies, decision-making, rules, policies, and accountabilities for handling information assets. Data governance has various dimensions and elements, such as data quality management, data management systems, data security, and data administration. Many organizations adopt DG policies to meet evolving business requirements and data quality standards. Their motives include increasing business revenue, reducing costs, and achieving compliance. In addition, DG plays a vital role in ensuring data security and in implementing an effective data management system. Due to the rise in data threats and vulnerabilities, a proper risk management system is vital for controlling and securing data. The first step in the risk management process is a thorough risk assessment. There are several approaches to risk assessment. ISO 27001 is one of the most widely preferred approaches, and it is suitable for identifying, analyzing, and evaluating risk in compliance with data security and protection standards. An ISO 27001 standards-based approach was proposed to manage the risks of data security management over data governance. The proposed approach provides a level of assurance in managing the risks of data security management over data governance.