INTANGIBLE CAPITAL VALUE

by Erwan COATNOAN DE KERDU

Your copilot in creating a successful company

The management of sensitive data  

  by Erwan Coatnoan de Kerdu

At the heart of corporate value creation is a flow of strategic, technical, commercial, financial and organizational data. Some of this data is considered “sensitive” because its value depends almost exclusively on the secret or confidential nature of the data.  

At the heart of corporate value creation is a flow of strategic, technical, commercial, financial and organizational data. Some of this data is considered “sensitive” because its value depends almost exclusively on the secret or confidential nature of the data.  

Effective management is needed for strategic data 

Companies (and organizations) have a value that can be linked to the protection of information. And especially when it is at the heart of particularly competitive innovations. Similarly, the competitiveness of companies may depend on a certain amount of information sharing between business and financial partners. The performance of organizations is thus activated around the notions of “saying too much” or “not saying enough” which constitute the strategies of companies.  

Moreover, the communication that takes place within companies and organizations must integrate and manage sensitive (or secret) information, while paying attention to the societal context that requires transparency for all stakeholders. It is therefore in the face of these different challenges that companies must base their information management and protect their secret data.  

This management allows companies to act on a legal level in the face of potential predators who have their eye on their strategic data.  

A five-step process  

Confidentiality management can be carried out by following five steps.  

Identifying sensitive information 

Before wanting to protect certain data, it is essential to identify them within the company’s business, the life cycles of products and services and the pursuit of various projects.  

Data classification  

Once identified, data must be classified according to the level of protection it requires: public information, internal information, internal and confidential information and internal and secret information.  

Risk analysis 

Risks must also be analyzed in order to arrive at a proper assessment of sensitive information. The analysis is based on several criteria, including the importance of the information (or its usefulness) and the degree of seriousness of a possible disclosure (what threat to the company?).  

Protection of secret data 

The protection allocated to them must take into account several elements:  

 The physical means and information that ensure the security of sensitive data; 

 The implementation of a management and management system for this data.  

But it is also important to:  

 Conducting audits of the means that already exist,  

 Get recommendations for operational strategies if needed; 

 Deploy the device to existing suppliers or seek out new ones.  

Fostering the development of a managerial culture 

In addition to all the devices that must be allocated to data protection and security, the management of sensitive information must be able to generate a strong internal culture. Its purpose is not to maintain a kind of cult of secrecy within the company, but to enable the communication of sensitive information to be brought up to standard.  

Mieux vous connaitre en 1 clic