Information Governance and Assurance: Reducing Risk, Promoting Policy

Customers outside of North America (USA and Canada) should contact Facet Publishing for purchasing information.

ALA Member
Item Number
Facet Publishing, UK

Primary tabs

You don't need to be an ALA Member to purchase from the ALA Store, but you'll be asked to create an online account/profile during the checkout to proceed. This Web Account is for both Members and non-Members. 

If you are Tax-Exempt, please verify that your account is currently set up as exempt before placing your order, as our new fulfillment center will need current documentation. Learn how to verify here.

  • Description
  • Table of Contents
  • About the author
  • Reviews

This comprehensive textbook discusses the legal, organizational and ethical aspects of information governance and information security and their relevance to all aspects of information work.

From the researcher who is responsible for ethical practices in the gathering, analysis, and storage of data, to the reference librarian who must deliver unbiased information; from the records manager who must respond to information requests, to the administrator handling personnel files, this book will equip practitioners and students alike to implement good information governance practice in real-world situations.



1. Introduction

  • Rationale 
  • Data and information
  • Information as an asset
  • Where is our information?
  • Threats
  • Standards, frameworks and a framework for information governance and assurance
  • Policy
  • Assurance
  • How to use this book

2. The laws and regulations

  • Introduction 
  • A standard for records 
  • The Information Commissioner's Office
  • The Freedom of Information Act 2000
  • Data protection
  • Environmental Information Regulations (EIR)
  • Policy
  • The role of the information professional
  • Discussion points
  • Conclusion
  • References

3. Data quality management

  • Introduction
  • What is data quality?
  • Dimensions of data quality
  • A different perspective
  • Example
  • Data quality tools
  • Products versus processes
  • Data silos
  • Master data management (MDM)
  • Single customer view
  • Further library examples
  • Data quality policy/strategy 
  • The role of the information professional in data quality management
  • Discussion points
  • Conclusion
  • References

4. Dealing with threats

  • Introduction 
  • Internal threats 
  • External threats
  • The law
  • Policy
  • Exercise
  • Conclusion
  • References

5. Security, risk management and business continuity

  • Introduction
  • The security environment
  • Strategy and tactics
  • Standards – the ISO 27000 series
  • Practical measures
  • Risk management
  • Business continuity management (BCM)
  • Policy
  • Exercises
  • Conclusion
  • References

6. Frameworks, policies, ethics and how it all fits together

  • Introduction
  • Moving from standards to frameworks
  • The information governance and assurance framework in operation
  • Ethics
  • The role of the information professional in the information governance and assurance framework
  • Discussion points
  • Conclusion
  • References
  • Discussion points and exercises
  • Index


Dr. Alan MacLennan

Dr. Alan MacLennan is Course Leader for the MSc in Information Management at Robert Gordon University, UK and teaches modules in Databases, Networking and Records Management on the course. His teaching areas span both "traditional" librarianship - cataloguing to AACR2R2 and MARC, and some classification - and topics in the forefront of today's Information revolution, such as networking, the Internet, the World Wide Web and HTML authoring and page design. He completed a postgraduate diploma and linked Master's in Librarianship and Information Studies at Robert Gordon University and has been lecturing since 1993.

"This book could readily serve as a text to accompany a course devoted to the broader topic of information, its management, and security. Each chapter concludes with suggestions for further discussion as well as a limited bibliography. Beyond the classroom setting, MacLennan's book is a very worthwhile synthesis of the current state of information governance and assurance and would be an excellent acquisition for academic and public libraries alike."
— Technical Services Quarterly

"This is one of the few books that brings together the concepts of records and information management and information security and is a really solid introduction to the way in which the various information disciplines, whether concerned with security and protection or reuse and optimization, need to come together to ensure that information remains useful yet is appropriately secured to minimize risk."
— Records Management Journal

"This volume serves as a useful textbook for information management students. It is comprehensive in its coverage of topics and provides questions for later consideration."
— Australian Library Journal

"The book is written in a clear, concise and readable style. The text includes appropriate and interesting case study examples in places, and the exercises and discussion points would make it useful for a small group to work together."
— Charles Oppenheim, Elucidate