1. Uncover critical risk and exposure: Successful content risk management starts with determining which high-risk content is also exposed.
2. Ask risk-based questions: To identify high-risk content, ask questions such as: Is it personally identifiable information? Credit card information? Personal health information? Is it HIPAA-related? Is it commonly retrieved for audits (FDA, SEC, FERC, OSHA)? Does the content qualify as intellectual property?
3. Build evaluation results into a quadrant heat map: A heat map can function as a dashboard to show your current state and allow you to monitor your progress. On one axis, your heat map shows level of risk, and the other it shows your level of exposure.
4. Prioritize areas of highest risk: Once this map is built, you have a clearer vision of high-risk areas. Use the assessment to develop a roadmap of high priority activities and define a mitigation plan for critical risk areas.
5. Align strategy with results: With your enterprise content risk assessment in place, you are well positioned to address the high risk areas and put in place a plan to manage critical areas.
With this, you have more clarity around information and processes across key business areas — and you are now truly in charge of your critical information assets.
