Does your risk management strategy take into account loss of data?

What is the most important data in your organization? Does your risk management strategy take into account loss of data?

When we talk about risk management in the context of asset management, you immediately think of a risk management process linked to physical objects, facilities or even people. However, in today’s world, intellectual property and electronic records are one of the most important sources of information in an organization. They may contain secrets, data and records that are essential for the operation of the physical operational assets and facilities as a whole. Do you have a system that guarantees this information is backed up?

Data loss can occur in a number of ways, including:

  • Data theft, by employees or external persons;
  • Equipment malfunction or failure (for example, hard drive failure);
  • On site incidents, such as fire, flood, earthquake, power outage.

To protect your data, your risk management plan needs to identify and implement a management process to reduce and manage these risks. Here are some practical steps to implement one.

Risk management action plan for data protection

Step 1: Identify all sources of data collection and storage that contain information that should be part of the strategy:

  • General administration of computers, including e-mails, files, photos, plans etc.
  • Website (including databases)
  • Intranet
  • Shared Servers
  • Software applications (and associated databases)
  • Access Controls

Step 2: Determine where and how to do the backup

Should the data be stored internally or in an external environment? Is there a compliance requirement for data that requires external backup? (For example, the financial sector may decide on the external maintenance of customer and transaction records).

For greater security, a combination of an on-site backup process together with an external backup system is recommended. Both systems can be configured for routine continuous backups that eliminate the possibility of human error.

Step 3: Determine the frequency

This will depend largely on the type of facility and business obligations of management organization. For example, for Data Centers or Critical Environments, the obligations will be significantly greater than for a residential operation.

Thus, this combination of the type of facility and the data backup devices will determine the frequency of this process. A monthly backup of all systems would be the absolute minimum frequency to be considered in this process, regardless of the facility.

For dynamic operations, the most appropriate would be a daily backup. However, some kind of balance should be found between risk management and operational effectiveness.

In summary:

Data loss should be included in all risk management strategies within the functions of facility management.

The effort and additional costs involved in operating these processes may seem like an option, or even a luxury, if you have never lost data in the past. However, anyone who has experienced a system failure and loss of data, on any scale, can easily understand the real impacts of such a loss, which can be devastatingly damaging, both operationally and emotionally.

Asset management and risk management are processes that can be managed much more effectively and productively with the help of a software solution. Learn how SoftExpert can help you by clicking here.


Tobias Schroeder


Tobias Schroeder

MBA in Strategic Management from UFPR. Business and market analyst at SoftExpert, a software provider for enterprise-wide business processes automation, improvement, compliance management and corporate governance.

You might also like:

Get free content in your inbox!

Subscribe to our Newsletter and get content about corporate management's best practices produced by specialists.

By clicking the button below, you confirm that you have read and accept our Privacy Policy.

Please, fill out the form to download

Required field
Required field
Required field
Please enter a valid phone number
Required field

By clicking the button below, you confirm that you have read and accept our Privacy Policy