Reference and guide to SFIA version 7. Framework status: Development. Show revision-marked text

Name change: Information governance IRMG

(unchanged)

The overall governance of how all types of information, structured and unstructured, whether produced internally or externally, are used to support decision-making, business processes and digital services. Encompasses development and promotion of the strategy and policies covering the design of information structures and taxonomies, the setting of policies for the sourcing and maintenance of the data content, and the development of policies, procedures, working practices and training to promote compliance with legislation regulating all aspects of holding, use and disclosure of data.

Name change: Information governance: Level 7

(modified)

Specifies at a strategic level the business functions and data subjects needed to support future business, thereby enabling the development of an Information Architecture. Establishes and communicates the organisation's information management strategy, developing it as an integrated part of the business strategy. Directs information resources, to create value for the stakeholders by improving the performance of the organisation, whilst maintaining the principles of professional standards, accountability, openness, equality and diversity and clarity of purpose. Responsible for compliance with regulations, standards and codes of good practice relating to information and documentation, records management, information assurance and data protection.

Name change: Information governance: Level 6

(modified)

Develops organisational policies, standards, guidelines for information and records management ensuring that uniformly recognised and accepted data definitions are developed and applied throughout the organisation. Ensures that the business processes and information required to support the organisation are defined and devises appropriate standards, processes and data architectures. Identifies the impact of any relevant statutory, internal or external regulations on the organisation's use of information and develops strategies for compliance. Leads and plans activities to communicate and implement information management strategies. Coordinates information resources to meet specific business objectives whilst maintaining the principles of professional standards, accountability, openness, equality and diversity and clarity of purpose. Implements systems and controls to measure performance and manage risk.

Name change: Information governance: Level 5

(modified)

Understand the implications of information, both internal and external, that can be mined from business systems and elsewhere. Make decisions based on that information, including the need to make changes to the systems. Reviews new change proposals and provides specialist advice on information and records management, including advice on and promotion of collaborative working and assessment and management of information-related risk. Creates and maintains an inventory of information assets, which are subject to relevant legislation. Prepares and reviews the periodic notification of registration details and submits it to the relevant regulatory authorities. Ensures that formal information access requests and complaints are dealt with according to approved procedures. Contributes to development of policy, standards and procedures for compliance with relevant legislation.

Name change: Information governance: Level 4

(modified)

Ensure implementation of information and records management policies and standard practice. Enure effective controls are in place for internal delegation, audit and control relating to information and records management. Assesses and manages risks around the use of information. Provided reports on the consolidated status of information controls to inform effective decision making. Recommend remediation actions as required. Ensures that information is presented effectively.