Skip to content
contact us | home | accessibility


Google Custom Search
good practice and innovation
about us infoKits Tools & Techniques Publications Events
You are here: Home » infoKits » Information Lifecycle infoKit » Active Use » Who Needs Access To The Information?
Information Lifecycle infoKit

Information Management


This infoKit is a strand within the Information Management resource. Use one of the following links to view more on a particular lifecycle phase.

Who Needs Access To The Information?

Knowing who needs access to information and on what basis is of course closely related to discussions regarding how to locate and access it; but here we are dealing with the who and the why rather than the how.

Information delivered at the right time, in the right format to the right people is likely to be of far more use and impact than content which needs to be tracked down and liberated every time it is needed. This requires an accurate knowledge of your business processes and a clear understanding of how your information system is integrated within it. All too often the act of creating information is divorced from the business activity(s) for which it is required. This quickly creates monolithic silos of information with no apparent relevance to the functioning of the organisation.

The alternative is also true. One of the most common complaints heard of modern office life is that people are struggling to cope with ever-increasing volumes of information. Simply exposing staff to yet more information of limited or no value to their role is likely to be a futile and wasteful endeavour. Moreover, information overload is one of the main contributors to a lack of appropriate information management. Email is a classic example of this where, due to the excessive volume of messages received, users struggle to deal appropriately with messages as and when they arrive. So instead of either acting on the email and deleting it or filing it within the appropriate corporate space, messages tend to accumulate unmanaged within the user's inbox.

Restricting Access

It is also necessary to control access to information for reasons other than the convenience of the user. It is also required to protect the intellectual assets of the organisation, the personal data of stakeholders and the interests of third parties. Access to commercially-sensitive information and that given in confidence must be carefully controlled, as must personal information which is covered by the seventh principle of the Data Protection Act which states:

'Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.'

In practice it can be difficult to determine exactly who does require access to information, especially as this need can often be only temporary to fulfil a specific task. Once again a clear understanding of the business processes for which the information is to be used will be instrumental in ensuring an appropriate level of access control is maintained.

The results of such analysis will be required when formulating the access controls of a file plan within a shared document storage facility. Careful consideration is required to ensure that an appropriate balance is struck between open access and security to ensure that only the right people have access to the right information.
Bookmark and Share
Link to the JISC Website

© 2012 Northumbria University, on behalf of JISC Advance
JISC infoNet is a JISC Advance service
This website is powered by Plone | Cookies Statement

Creative Commons

 JISC Advance logo
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)