What Information Does An Employee Expect? – An Employee Communication Primer

OPENING BELL:

With the corporate laws becoming stricter in India and the ‘Right-To-Information’ Act being enforced in the ‘right’ spirit, coupled with the hyperactive media & proliferation of social networking websites, the word ‘Transparency’ has acquired a new meaning in the world of business. Till early 1990s, the word ‘transparency’ was just not in the business lexicon and today it is a stringent legal, a professional, business and a societal necessity.

Like a coin, the word ‘transparency’ has two sides. One side pertains to the information that the organization shares with the outer world (like government agencies, investors, business magazines, news channels, and voluntary organizations) for compelling reasons and the other side is about the stuff that the organization feeds or notifies to the employees for the intended reasons.

In the contemporary world, the employees are far more conscious and vocal about their rights. In fact, feeding them information is equal to “what the doctor ordered”; give them a little information and they ask for more. Why? Because they believe that the information (like knowledge) is power and more information is decidedly better than no or half information.

Employees born after 1992 (known as Gen x or Gen Alpha) are the blessed ones as they have escaped the era of ‘information starvation’. When they were growing up, India was getting progressively liberalized and information was becoming available more easily. Consequently, they became adult with the ‘mindset’ that they have a (legitimate) right to expect, get and receive information that affects them.

As of now, it seems that the HR profession in India has taken the partial cognizance of this ‘info savvy’ or ‘info hungry’ employees and their expectations for the ‘transparency’ in information sharing (within and from the organization). What information the ‘info hungry’ employees expect from the management or the company?

Let us explore in a telescopic way, i.e. from the personal level and to the organization level, and look at the instructive list of the information needs.

As an employee – Individual & direct information needs:

 

  • How is my compensation calculated and what is my take-home pay?
  • How do I plan for my income tax?
  • What are the HR policies applicable to me and what each policy means? Whom should I give feedback?
  • What are my entitlements and how & when do I receive or claim them?
  • What are the performance measurement criteria applicable to me?
  • How will I grow or get promoted and approximately within what time-frame?
  • Whom should I speak to in case of any difficulty, personal or professional?
  • What are the unwritten but important Dos and Don’ts, behavioral and otherwise, of the organization?
  • Who are the key members of my immediate senior management and what are their profiles?

 

As a team (cross-functional) member – Individual, collective & direct information needs:

 

  • Why I am chosen as a member? Why others are chosen as team members?
  • What are the goals of this team?
  • Why a particular employee has been appointed as the chief?
  • Whom the team will report to?
  • What is the timeline for presenting the outcomes?
  • What resources the team has at its disposal?
  • Will my job be at stake if the team does not deliver as expected?
  • What are the extra privileges available to a team member?
  • How the conflicts within the team will be resolved?
  • How will my performance as a team member be linked to my annual performance appraisal?
  • Who will help if I or the team requires training or other support?
  • What if my Functional Supervisor hinders my participation in the team’s work?

 

As a member of the Function/Department/Unit – Individual, collective & direct information needs:

 

  • How my function/department/unit has fared this year?
  • Why my boss has assessed my performance as inadequate when the function/department/unit has done so well? Does that imply that the ‘sword is likely to be on my neck’?
  • Why our function/department/unit is treated like an orphan by the management?
  • Why I am not being given challenging assignments?
  • What are the key developments in other functions/departments/units of the company?
  • Why employees of other functions/departments/units get better or more benefits?

 

As a member of the organization – Individual & indirect information needs:

 

  • What are the core values of my company?
  • How my company has performed during the specific period and what are the central reasons for the performance?
  • What are the significant developments (political issues, competition related, mergers, acquisitions, takeovers, government policies, etc.) that affect my company (and therefore, me)?
  • Whom should I talk to if I receive unsubstantiated information about my company from the external or internal sources?
  • How my company is planning to grow in coming 2-3 years?

 

CLOSING BELL:

Though the information needs become more specific, differentiated, and time sensitive as one moves up in the pecking order, it cannot be denied that the same information can be shared, of course, on a case-to-case basis, in different ways with different levels of the employees, at the same time or at different points of time. Reaching out to the employees at the right time is always a healthier option irrespective of whether the employees have voiced about their information needs. Information shared at a date later than the required, serves no purpose. All employees do not require all information, but some employees require some information. Correct?

Transparency in sharing of information implies ‘openness’, which is a key constituent of a healthy organizational culture. However, the degree of openness is a subjective criterion and it depends on the workforce’s collective perception, which is primarily influenced by the difference between the management’s advocated philosophy or business policy and the real practice of sharing the information. Transparency in sharing information is a key ingredient for trust-building between the employees & the management.

The real torch-bearer of the ‘transparency’ is the HR Head. She is not only accountable to make sure that every employee receives the ‘required’ information, but also should persuade or even insist when required, that the members of the senior management demonstrate openness and behavioral transparency, consistently.

‘Behavior speaks louder than words’ and here it means that no member of the senior management should be seen as ‘hiding’ or ‘suppressing’ or ‘tweaking’ the information. Practicing ‘transparency’ is an art as well as a science for HR the professionals. It is more an art when they have to be transparent themselves and it is more of a science when they have to make sure that the employees perceive the organization as transparent.

The Union’s Right to Information or How to File a Successful Request For Information

In this article we will answer the following questions and a whole lot more:

• What is a request for information?
• Under what conditions can I request information?
• What can I do if the company refuses to give me the information I requested?

The request for information comes from the obligation and duty to bargain and applies to contract negotiations as well as the grievance procedures that follow.

Congress enacted the National Labor Relations Act (“NLRA”) in 1935 to protect the rights of employees and employers, to encourage collective bargaining, and to curtail certain private sector labor and management practices, which can harm the general welfare of workers, businesses and the U.S. economy.

An employer who refuses to provide information or unreasonably delays the provision of information violates Section 8(a)(5) of the Act.

Information can be requested by a Union who is certified to represent company’s employees for the following reasons:

• To prepare for collective bargaining negotiations
• To monitor the Collective Bargaining Agreement (CBA)
• To investigate a grievance

In order for a request to be valid it must somehow relate to one of the above issues.

For example, a Union is preparing for negotiations and requests a copy of all workplace rules and regulations, a list of all positions to include their duties, responsibilities and where their position is located at.

Another example would be if a Union was investigating the discharge of a member. The Union could request a copy of all information used by the employer to decide to terminate the member, including but not limited to, all evidence, statements, emails, photographs, video recordings, audio recordings, photographs and any notes.

Even though a grievance is not necessary to request information it is recommended that the Union has some form of probable cause to justify a request. It does not hurt the Union’s case to be able to articulate the reasons behind their request.

What types of information can the Union request?

It would actually be easier to list all of the information the Union cannot require from the employer. Here are a few examples of information that is not allowed:

• Information covered by the Health Insurance Portability and Accountability Act (HIPPA)
• Trade secrets covered as propriety information
• Information which the employer has consistently enforced a policy barring disclosure so long as the employer provides an alternative or substitute form of disclosure

In order for your request to be effective it must contain the following items:

• It must clearly identify the information being requested.
• If the request is in connection to another matter such as a grievance it must be clearly referenced.

The following items are highly recommended:

• Clearly state where the information is to be delivered
• Clearly state how the information is to be delivered
• Clearly state when the information is expected to be delivered
• Clearly state that if any part of the request is denied the employer must state this fact in its response

Now let’s talk about delivery. In order for a request to be effective you must have proof of delivery. This can be accomplished in several ways. They are:

• Via certified mail, return receipt requested.
• By hand delivery, with a statement from the person performing the delivery.
• By fax or by email along with a confirmation copy, a reply or a phone call verifying that it was actually delivered.

What can you do if the company refuses or fails to provide the information requested?

The agency that enforces the National Labor Relations Act is the National Labor Relations Board (NLRB).

The NLRB is an independent agency of the United States government charged with investigating and remedying unfair labor practices. As previously mentioned, an employer who refuses to provide information or unreasonably delays the provision of information violates Section 8(a)(5) of the Act.

This next part will depend how your Union is set up. Many organizations require Locals to go through their parent organization in order to file NLRB charges. You should check with your National or International before moving forward.

For those Locals or Independent Unions who are left to fend for themselves you can file the charges in two ways. You can fill out the forms yourself and either walk them into the NLRB or fax them in, or you can call the NLRB and the Information Officer (who normally answers the phone) will take the necessary information from you.

After a few days an Agent will contact you and tell you what you will need to do. Be prepared to provide an affidavit under oath as well as provide all relevant information or witnesses to support your case.

Generally speaking, NLRB charges filed over refusals to provide information are not subject to the NLRB’s policy of deferral.

This means that the NLRB will fully investigate the issue and if the violation is found to be valid, the NLRB can order the employer to provide the information requested.

The Essence of Information Dissemination in Audit Service in Sierra Leone

Introduction

Information at the heart of everything we do as humans. We generate it, we consume it, we share it and we sell it. The careful managing of information is therefore the key to success in business. An introduction to information dissemination in a business provides a solid overview of the role of information dissemination. It gives guidelines on collecting the right information to the right people to support the firms. ‘ strategic objectives and “oil” the everyday operations of the business.

Definition

Dilman 1978, defined dissemination of information is the active and targeted distribution of information or intervention via determined channels using planned strategies to a specific public or audience.

Dissemination is a formal planned process with the intent of spreading knowledge and enhance the integration of the evidence, information, intervention or combinations of these into routine practice. Information dissemination has been characterized as a necessary and sufficient antecedent of adoption and implementation of organisational policies (Dilman, 1978).

Importance of Information Dissemination in Service Delivery

Before assessing the various approaches used to disseminate information, it is worth revisiting the reasons for disseminating information. There are usually good reasons why organisations decide to disseminate information. These reasons are not necessarily independent of one another but can nonetheless be categorized to emphasis the motivation of an organization when initiating dissemination. The reasons are usually to increase the value of one or more of the following attributes of the enterprise shareholders. The following among others are the reasons for information dissemination in organisations:

To Create Awareness: Information is often disseminated in order to educate, explain or promote a concept, process or principle. For example, technical specifications explaining system capabilities, instruction about alternatives to avoid congested transport routes and guidelines for the completion of work in order to ensure consistent appearance of project deliverables are all ways in which information is disseminated to generally encourage recipients to comply with a procedure in the belief of organizational or enterprise improvements.

To Enhance the Response of Customers: Sometimes information is disseminated solely in the hope it will cause some feedback that might require further information to be generated or be used to validate something. Examples include advertising, questionnaires, market surveys frequently asked question list and testimonials.

To allow Collaboration: Information is often disseminated in order for a group of individuals to share knowledge and routes of communication. Examples include workflow systems to support the flow of information between system entities in order to achieve a common purpose, mailing lists where like minded individuals can listen to and discuss common issues, libraries where people can access information, and control system where probes might detect and transmit warnings about certain event(Fink, 1983).

Background of Audit Service Sierra Leone (ASSL)

Audit Services Sierra Leone is the supreme audit institution of Sierra Leone section 119 of the 1991 constitution of Sierra Leone provides for the establishment of the offices and functions of the Auditor General. It started with establishment of the Audit Act of 1962. It was later called the Auditor General’s Department then the office was moved from the Audit General’s Department to Audit service Sierra Leone due to the Audit service Act 1998 which was implemented in 2004. The Act also created an Audit Service Board (ASB) an Advisory Board which has the power to appoint persons, other than the Auditor General to hold or act in offices as member of the Audit service and to exercise disciplinary control over such persons.

The Audit Service Sierra Leone is headed by the Auditor General who is assisted by four deputies. Its headquarters is at Lotto Building in Freetown with other offices in Freetown, Bo, Makeni and Kenema. Also, the Auditor Generals Mandate is specified in section 119 sub sections “2” of the 1991 constitution. It provides for the Auditor General to audit all government ministries, department, agencies, educational institutions and any other statutory body set up partly or wholly out of public funds. This mandate now includes the 39 aligned ministries and departments’ 19 council’s one hundred and forty-nine chiefdom authorities, 64 statutory bodies and donor funded projects.

Methods of Information Dissemination at the Audit Service Sierra Leone

This organisation uses both manual and electronic for Information dissemination:

Manual means of Information Delivery Dissemination.

The manual means of information dissemination in the Audit Service Sierra Leone are as follow:
• Printed copy of the Auditor General report and other document.
• Disseminate of copy of the Auditor General report and other report to various people.
• Disseminating of the Audit Services newsletter internally and externally to various takes holder.
• Organising meetings with civil society group.
• Awareness raising programs in various schools, groups and universities.

Electronic means of Information Delivery Dissemination.

The electronic means of information dissemination in the Audit Service Sierra Leone are as follow:
• Publishing the Auditor General (AG) report on the Audit Services web-site.
• Airing of the Audit Service juggle of various radio service.
• Disseminating of information through social media eg. Facebook, Whatsapp and Tango etc.
• Organising radio discussions or programs on various radio stations. During the radio programmes, listeners were given the opportunity to respond to issues discussed by making phone calls and sending text messages to numbers that were announced to them. The panelists responded adequately to the questions and comments during the radio programmes.
• Radio jingle-As part of the awareness raising programmes, the communication division produced a radio jingle in English and it was later translate in four local languages (Mende, Temne, Krio and Limba). The jingles are aired on various radio stations in the country.

Users of Information at the Audit Service Sierra Leone

A user of information is a person or an organization using the information created by another institution or organisation. In using the information the users are most often identifiable in advance. They use information on a daily basis because of certain work, assignment or work tasks. The following are the Information service of Audit Service Sierra Leone:

Administrative Personnel

Employees of an organization and staff of the HRM department to be specific can access records about their operational and organisation maintenance to make correct decision and solve administrative problems. Directors within the HRM will also obtain information from the record department for taking decisions pertaining promotion, recruitment, transfer and payment of retirement benefits.

Researcher / External user

Audit services are research oriented as a matter of fact, researchers use their information to gain knowledge of the department or the civil service researching on the activities and initiatives of the government. The outcome of these research activities is normally for academic purposes which will help the researcher to gain an in depth knowledge about the ways staff or civil servants, are recruited, promoted, and terminated.

Journalists

The other important users of the information generated at the Audit service office are journalist who may want to investigate claims pertaining poor recruitment and appointment of personnel in the various departments.

Types of Information Acquired at the Audit Service Sierra Leone

Operation Audit Information

A Future- oriented, systematic and independent evaluation of organization activities. Financial data may be used, but the primary sources of evidence are the operational policies and achievements related to organizational objectives. Internal controls and efficiencies may be evaluated during this types of information review.

Financial Information Audit

A historically oriented, independent evaluation performed for the purpose of attesting to the fairness, accuracy, and reliability of financial data. External auditors need this type of information.

Department Information Review
A current period analysis of administration functions to evaluate the adequacy of controls, safeguarding of assets, efficient use of resources, compliance with related laws, regulations and universal policy and integrity of financial information.

Investigative Information Audit

This types of information takes place as a result of a report of unusual or suspicious activity on the part of an individual or a department. It is usually focused on specific aspects of the work of a department or individual. All members of the community are invited to report suspicions of improper activity to the Director of Internal Auditing Services on a confidential basis.

Follow up Information Audit

These are information conducted approximately six months after an internal or external audit report has been issued. They are designed to evaluate corrective action that has been taken on the audit issues reported in the original report when these follow up audits information are done an external auditors reports, the results of the follow up may be reported to those external auditors.

Integrated Information Audit

This is a combination of an operational audit, department review, and its audit application controls review. This type of review allows for a functional operation within the institution (Silver, 2010).

Challenges faced in Information Dissemination at the Audit Service Sierra Leone

Some problems that Audit service encounters with audit information are highlighted as follows:

Finance Problem

One problem that is affecting the institution’s information delivery is finance, and for any organization to survive or sustain thorough development these should be some amount of finance. The organisation faces financial serious challenges in their information service delivery.

Poor Planning of Information Service

The information service is not well effective in the audit service because the people responsible for that are not professionally trained. Only few of them have the capability to do the work in the audit department because of the fact that the information is not received at the right time in line with the needs of the users. The committee does not meet regularly to discuss issues on that.

Lack of Adequate Staff

The challenge of inadequate and untrained staffing situation poses a serious problem for the smooth running of the organisation. The issue of inappropriate staffing can hamper the smooth handling and delivery of information.

In conclusion, information delivery of audit information plays a vital crucial role in the effective management of staff, in any organization. Information is at the heart of any organization or institution that performs the activities related to learning, teaching, research and generation of new knowledge. The goal of information delivery at audit service is to attract and retain a workforce that will enable the institution or organization to achieve its purpose and objectives. However, this work has considered some of the more common pitfalls that hamper effective in Information dissemination which auditors should avoid during the source of their work.

Personal Training and Information Literacy

Scholarship, Practice, and Leadership

Information literacy is extremely important in the health and wellness industry, more specifically in the personal training field. It takes a short amount of time and education to become a personal trainer, and the pay is relatively high for what a person needs accomplish to become certified. An abundance of personal trainers exists because of the high pay, the short amount of time it takes to become certified, and the growing need for society to improve their health. In order for a personal trainer to stand out and become sought-after for their repeated results and excellent workouts, the trainer must be an expert at researching information, comprehending new research, and applying both.

In the article How we Failed the Net Generation, Badke discusses the World Wide Web saying, “… few of us had any idea what it would become in less than 2 decades. Many of our students grew up with the web, so for them it is not a novelty. It’s mainstream. It’s embedded in their lives” (Badke, 2009, p. 47). Most personal trainers only have completed a certification, very limited in information about exercise science, and not a degree at a college or university. Because of their lack of education, the first place most trainers turn for their information is the World Wide Web and not scholarly, peer reviewed research studies. The Internet is not a credible source for information. Anyone can write a blog or post fitness workouts and nutrition information based solely on opinion, and not scientific studies. In order for a personal trainer to ensure they are providing safe and effective workouts to their clients, the trainer must be able not only to read and study research studies but also keep up with the changing information.

One topic not taught in a personal training certification is how to find and decipher sound fitness information. Pia Russell discusses how students are facing the same issues as personal trainers in their studies.

Students have difficulty evaluating the glut of information available, and to cope they frequently depend on quick but questionable sources, like Dictionary.com, which can result in a blind acceptance of advertising-based information, or sources that depend on a truth by consensus approach such as Wikipedia. (Russell, 2009, p. 92).

In order for a personal trainer to be an expert in their field, someone people will listen to, and follow, the trainer needs to stay up-to-date on current research. Personal trainers need to know how to search for information when they face questions they are unsure of. A personal trainer’s job is not only to provide an effective workout but also to educate their clients with researched based information.

Larissa Turusheva discusses the importance of information competence in lifelong learning and education. In Larissa’s study she states,

Information competence is a skill:

• to determine the size of the necessary information;

• to use the necessary information effectively;

• to evaluate the information and its sources critically;

• to develop own knowledge base with the information chosen;

• to effectively use the information for goal achievement;

• to use the information ethically (ACRL, 2000). (Turusheva, 2009, p. 2).

In the personal training field every skill involved in information competence is important. A personal trainer must determine which information is important and which information is not. The trainer needs to evaluate where the information is coming from and apply the necessary information to help the trainer’s clients reach his or her goals fast and effectively. The most important skill a trainer must apply in information competency is using the information ethically. It is unethical for a personal trainer who knows their client has a heart condition to instruct their client to do contraindicative exercises when the trainer knows those exercises put the client at risk. This situation could occur for many reasons. The trainer could be working with a group and does not want to give an alternate exercise or the trainer could want to push their client harder. Implementing ethical practices is part of information competence and extremely important in the personal training profession.

Leo Appleton conducted a study about the information competency skills of student midwives. In the study, the students were taught information research skills and the grading requirements became stricter to promote credible information sources. The results of Appleton’s study showed, “Students reported increased confidence in using library and information resources. Appropriate and timely information-skills training embedded into health-studies curricula can lead to students becoming independent and lifelong learners, as well as improving the standard of their academic work” (Appleton, 2005, p. 1). Not only were these students able to learn how to effectively search and decipher information during their schooling, but also, the training followed the students into their careers in the health field. Personal trainers who have information competency will be able to provide their clients with everything they need to be successful, long term.
Conclusion

Information literacy is vital in every profession and should be taught and enforced when students are in school. Students need to be taught the valuable skills needed to conduct quality research and decipher the material. Those skills will follow students into their careers, where they will be considered experts in their field and leaders. Even if the students are just trying to become certified in a certain field, those skills should be taught during the certification process. Most personal trainers receive only a certification and are never taught how to research accurate information. Because of this the trainers turn to the Internet for their answers. In turn, many personal trainers are making recommendations to their clients based on opinion and not research. This practice has serious implications for the health of their clients and the personal trainer’s credibility. Personal trainers must learn the skill of literacy competence.
To your health,

Jessica Summerall

References

Appleton, L. (2005). Examination of the impact of information-skills training on the academic work of health-studies students: a single case study. Health Information & Libraries Journal, 22(3), 164-172. doi:10.1111/j.1471-1842.2005.00576.x

Badke, W. (2009). How we failed the net generation. Online, 33(4), 47-49.

Russell, P. (2009). Why Universities Need Information Literacy Now More than Ever. Feliciter, 55(3), 92.

Turusheva, L. (2009). STUDENTS’ INFORMATION COMPETENCE AND ITS IMPORTANCE FOR LIFE-LONG EDUCATION. Problems Of Education In The 21St Century, 12126-132.

7 Top Tips for Managing Information Overload

What is Information Overload?

Contrary to popular belief information overload is a concept that has been around for centuries. As early as the 3rd or 4th century BC, people regarded information overload with disapproval. Around this time, in Ecclesiastes 12:12, the passage revealed the writer’s comment “of making books there is no end” and in 1st century AD, Seneca the Elder commented, that “the abundance of books is distraction.”

The term “Information overload” was popularized by Alvin Toffler in his bestselling 1970 book Future Shock. It refers to the difficulty a person can have understanding an issue and making decisions that can be caused by the presence of too much information.

However, it has been the advent of the Information Age and access to the internet that has popularised the phenomenon that is Information Overload. The internet has connected billions of people to a constant and growing source of information that is not only available but is relentlessly pushed at people.

Sources of Information Overload

So where does all this information come from? The 3 main culprits are:

Email – Without doubt the biggest source of information. People receive vast numbers of Emails of all descriptions on a daily basis. Most of these are spam and maybe caught by spam filters but many will end up in people’s inbox.

RSS Feeds – The ability to subscribe for all the latest information updates from websites that people are interested in.

Social Media – The rise in popularity of Facebook, Twitter, Google+ etc. and the advent of smart phones have provided a constant stream of information that is accessible from anywhere at anytime. Whilst a lot of this information is easy to digest it is often a gateway to more information and, if you’re not careful, you can lose hours digesting information and conversing with friends, colleagues and associates.

7 Tips to Avoid Information Overload

So how do you get this information under control? Here are my top 7 tips which will hopefully provide some help.

1. Reduce number of emails

No surprises here as it is the greatest source of information. More efficient use of email is a blog post in its own right. However, you must reduce the volume of emails that you receive by unsubscribing from as many lists as possible. You will not and cannot process all the information that is being sent to you so be ruthless. If you find that there is something you really miss then you can always re-subscribe… the sender will not mind!

2. Turn off notifications

If you are notified every time an email, text, Facebook post or tweet hits your inbox then your tendency will be to have a look to see who it is from and whether it is important. Chances are that it can wait and it is not worth the interruption of what you were doing.

3. Define your Goals

Ensure you have very clear goals and activities to achieve those goals. In this way you will only process the information that is important to that particular activity or task.

4. Keep Focused

Avoid all the temptations to read another email or article. Stay true to the task you are working on. The distraction may look really interesting, but is it a good use of your valuable time?

5. Allocate time for Information review

Set time aside to allow yourself to browse through the mountain of information. It is important that keep abreast of what is going on and get some fresh ideas and perspectives. Try allocating time when you are least productive so that you don’t waste that valuable ‘doing’ time. Perhaps you could sacrifice some of the time in front of the TV.

6. 80:20 rule

If you a researching a topic then often the 80:20 rule will apply, i.e. you will obtain 80% of the information you need from 20% of the material that is available. You could spend a lot more time processing more information but it will not add a great deal more value to your work. I would recommend the 4 Hour Work Week by Tim Ferriss for a great explanation of this concept.

7. Archive for Future use

If you believe the information may be useful at some stage in the future then set up some rules to archive the information. Ideally use automatic rules where possible so that you are not tempted to have a quick sneak only to find that you are still reading it 30 minutes later. Many email systems will allow you to set up rules that will send emails to specific folders based on the sender or subject details.

The volume of information that is available is only going to grow and grow so you need to take control of the way in which you access the information and manage your time. To put it in context consider this amazing statistic:

‘All of the information produced between the dawn of time and 2003 is now being produced every 48 hours!’

I will leave you with this question, how much of this information do you really need to know about?

Information Security Management System: Introduction to ISO 27001

Current Scenario: Present day organizations are highly dependent on Information systems to manage business and deliver products/services. They depend on IT for development, production and delivery in various internal applications. The application includes financial databases, employee time booking, providing helpdesk and other services, providing remote access to customers/ employees, remote access of client systems, interactions with the outside world through e-mail, internet, usage of third parties and outsourced suppliers.

Business Requirements:Information Security is required as part of contract between client and customer. Marketing wants a competitive edge and can give confidence building to the customer. Senior management wants to know the status of IT Infrastructure outages or information breaches or information incidents within organization. Legal requirements like Data Protection Act, copyright, designs and patents regulation and regulatory requirement of an organization should be met and well protected. Protection of Information and Information Systems to meet business and legal requirement by provision and demonstration of secure environment to clients, managing security between projects of competing clients, preventing leak of confidential information are the biggest challenges to Information System.

Information Definition: Information is an asset which like other important business assets is of value to an organization and consequently needs to be suitably protected. Whatever forms the information takes or means by which it is shared or stored should always be appropriately protected.

Forms of Information: Information can be stored electronically. It can be transmitted over network. It can be shown on videos and can be in verbal.

Information Threats:Cyber-criminals, Hackers, Malware, Trojans, Phishes, Spammers are major threats to our information system. The study found that the majority of people who committed the sabotage were IT workers who displayed characteristics including arguing with co-workers, being paranoid and disgruntled, coming to work late, and exhibiting poor overall work performance. Of the cybercriminals 86% were in technical positions and 90% had administrator or privileged access to company systems. Most committed the crimes after their employment was terminated but 41% sabotaged systems while they were still employees at the company.Natural Calamities like Storms, tornados, floods can cause extensive damage to our information system.

Information Security Incidents: Information security incidents can cause disruption to organizational routines and processes, decrease in shareholder value, loss of privacy, loss of competitive advantage, reputational damage causing brand devaluation, loss of confidence in IT, expenditure on information security assets for data damaged, stolen, corrupted or lost in incidents, reduced profitability, injury or loss of life if safety-critical systems fail.

Few Basic Questions:

• Do we have IT Security policy?

• Have we ever analyzed threats/risk to our IT activities and infrastructure?

• Are we ready for any natural calamities like flood, earthquake etc?

• Are all our assets secured?

• Are we confident that our IT-Infrastructure/Network is secure?

• Is our business data safe?

• Is IP telephone network secure?

• Do we configure or maintain application security features?

• Do we have segregated network environment for Application development, testing and production server?

• Are office coordinators trained for any physical security out-break?

• Do we have control over software /information distribution?

Introduction to ISO 27001:In business having the correct information to the authorized person at the right time can make the difference between profit and loss, success and failure.

There are three aspects of information security:

Confidentiality: Protecting information from unauthorized disclosure, perhaps to a competitor or to press.

Integrity: Protecting information from unauthorized modification, and ensuring that information, such as price list, is accurate and complete

Availability: Ensuring information is available when you need it. Ensuring the confidentiality, integrity and availability of information is essential to maintain competitive edge, cash flow, profitability, legal compliance and commercial image and branding.

Information Security Management System (ISMS): This is the part of overall management system based on a business risk approach to establish, implement, operate, monitor, review, maintain and improve information security. The management system includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources.

About ISO 27001:- A leading international standard for information security management. More than 12,000 organizations worldwide certified against this standard. Its purpose is to protect the confidentiality, integrity and availability of information.Technical security controls such as antivirus and firewalls are not normally audited in ISO/IEC 27001 certification audits: the organization is essentially presumed to have adopted all necessary information security controls. It does not focus only on information technology but also on other important assets at the organization. It focuses on all business processes and business assets. Information may or may not be related to information technology & may or may not be in a digital form. It is first published as department of Trade and Industry (DTI) Code of Practice in UK known as BS 7799.ISO 27001 has 2 Parts ISO/IEC 27002 & ISO/IEC 27001

ISO / IEC 27002: 2005: It is a code of practice for Information Security Management. It provides best practice guidance. It can be used as required within your business. It is not for certification.

ISO/IEC 27001: 2005:It is used as a basis for certification. It is something Management Program + Risk Management. It has 11 Security Domains, 39 Security Objectives and 133 Controls.

ISO/IEC 27001: The standard contains the following main sections:

 

  • Risk Assessment
  • Security Policy
  • Asset Management
  • Human Resources Security
  • Physical and Environmental Security
  • Communications and Operations Management
  • Access Control
  • Information Systems Acquisition, development and maintenance
  • Information Security Incident Management
  • Business Continuity Management
  • Compliance

 

Benefits of Information Security Management Systems (ISMS):competitive Advantages: Business partners and customers respond favorably to trustworthy companies. Having ISMS will demonstrate maturity and trustworthiness. Some companies will only partner with those who have ISMS. Implementing ISMS can lead to efficiencies in operations, leading to reduced costs of doing business. Companies with ISMS may be able to compete on pricing also.

Reasons for ISO 27001: There are obvious reasons to implement an Information Security Management System (ISO 27001). ISO 27001 standard meets the statutory or regulatory compliance. Information assets are very important and valuable to any organization. Confidence of shareholders, business partner, customers should be developed in the Information Technology of the organization to take business advantages. ISO 27001 certification shows that Information assets are well managed keeping into consideration the security, confidentiality and availability aspects of the information assets.

Instituting ISMS:Information Security -Management Challenge or Technical Issue? Information security must be seen as a management and business challenge, not simply as a technical issue to be handed over to experts. To keep your business secure, you must understand both the problems and the solutions. To institute ISMS management play 80% role and 20% responsibility of technology system.

Beginning: – Before beginning to institute ISMS you need to get approval from Management/Stake Holders. You have to see whether you are attempting to do it for whole organization or just a part. You must assemble a team of stakeholders and skilled professionals. You may choose to supplement the team with consultants with implementation experience.

ISMS (ISO 27001) Certification: An independent verification by third party of the information security assurance of the organization based on ISO 27001:2005 standards.

Pre-Certification: Stage 1 – Documentation Audit

Stage 2 – Implementation Audit

Post- certification: Continuing Surveillance for 2 years 3rd-Year Re-assessment/Recertification

Conclusion: Prior to implementation of management system for Information Security controls, organization does have various securities control over information system.These security controls tend to somewhat disorganized and disjointed. Information, being a very critical asset to any organization needs to be well protected from being leaked or hacked out. ISO/IEC 27001 is a standard for Information security management system (ISMS) that ensures well managed processes are being adapted for information security. Implementation of ISMS lead to efficiencies in operations leading to reduced costs of doing business.

What Is Information Literacy?

Information literacy is the ability to find the information that we need and use that information. This need could be getting information about different courses that the universities offer or selecting the right tour operator for our next vacation. We make numerous trivial decisions everyday and some important ones now and then, like finding the right car or choosing the correct insurance policy. To make the right decision, or more importantly, to make the most beneficial decision, we need to gather all the relevant information before we can analyze the information and make a decision. Therefore, essentially, all the tasks that fall between identifying the information need and using the information that we find to make a decision fall under the scope of information literacy.

So how do we know if we are information literate? An information literate person can:

· Define the problem: That is we can recognize what the problem is and put that in words. Based on this problem, we can define the information that we need. For example, we wish to travel to Europe. We will want to know – the best time to travel, the average cost of travel, the places we want to visit, and so on. Defining all this is the first step in identifying the information need.

· How to get the information: After we define the information that we want to make the decision, we must then identify the sources of information. These sources could be people who have been to Europe, some tour operators, web sites, and so on. An information literate person at this point will create a strategy for finding the relevant information by identifying the most useful and relevant information sources.

· Where to get the information: Now, we know what information we need and how we can find this information. The third step is to find these information sources. We will know people who have travelled to Europe in our community. In current times, we can use the social networking web sites to find people who have been to Europe to hear their first-hand accounts and experiences. Other than these people, we can look up government tourism web sites to get most of the information.

· Is everything true? People are generally truthful about narrating their experiences, but these could be biased for any number of reasons; we all don’t have the same likes and dislikes. There is a lot of information online, but then not everything we read is true. My point? We can define the information need and get the information too; however, we also need the ability to evaluate critically the information we have. For example, the ability to separate a commercial sales pitch from genuine information.

· Using the information: Whew! This has been a long journey and we have all the ingredients ready. But, it is all in bits and pieces. We still need to assemble all of this information in a way that will help us make that decision about the tour. Define priorities perhaps? Decision based on the variables that we defined in the first step.

Information literacy is not new. It is just that we have a lot of information available and need to be aware of ways to look systematically for the information if we do not wish to drown in this ocean of information. Constantly evolving technology and ways of communication make the task more difficult. So, next time you are looking for information, keep these steps in mind before you dive in the World Wide Web.

Technical writers present information to their readers by identifying readers’ information need. Presenting only the relevant information forms the core of their job. Therefore, this is one skill that technical communicators must master reduce the effort readers have to put-in to use the information. Please visit my blog to know why information literacy is more important for technical writers and what do employers think about these skills when they are hiring a technical writer.

Creating Value Through Information

When you attempt to create value, you have to make a choice between alternatives and this requires reliance on information. Understanding how to create “quality” information is paramount to decision making. One way to improve the quality of information is to make sure there is a strong flow of external sources – looking at market trends, surveying the customers, pursuing new technologies, and of course, competitive intelligence. These external sources provide the “reality checks” we need to remove internal bias, common to so many organizations.

“For managers to produce information required for their work, they have to address two broad questions:

1. What information do I owe to the people with whom I work, and on whom I depend? In what form? And in what time frame?
2. What information do I need myself? From whom? In what form? And in what time frame?

– Competing with Information: A Manger’s Guide to Creating Business Value with Information Content, Edited by Donald A. Marchand

Another way to improve the quality of information is to look at your people. Information is how people communicate their knowledge so things get accomplished. Since information relies on people, it only stands to reason that the quality of information has a lot to do with the quality of people; i.e. the skills, expertise, training, experience as well as their communication skills. This can greatly impact the quality of information – improve your people if you want to improve your information.

The quality of information also follows certain characteristics. These characteristics can lend serious value to information. Here are a few examples:

• Up to Date – Information that is current usually has more value than old, outdated information.
• Accuracy – Some sources of information tend to have higher accuracy than others.
• Impact on Decision Making – Information that is useful to decision making will lend value to the organization.

One common problem in creating value through information is putting the information in front of the decision maker. This requires that people have access to information. Too often, organizations have fragmented silos of information, contributing to inconsistency in decision-making. Pulling all of these stovepipes of information together into one common repository can yield numerous benefits, such as: Faster response time by decision makers, better creditability with stakeholders (employees, customers, suppliers, etc.), improved accuracy through verification, and more value added through the application of analytical tools.

Obviously, technology plays a big role in making this happen – everything from better access to filtering of the information overload. Perhaps the single biggest technology behind the management of information is something called the Data Warehouse. The Data Warehouse pulls together all of the desperate databases, providing not only wider access, but also increased analytical capability through the understanding of relationships between all of this data. So if you are serious about creating value through information, you’ll probably have to consider some form of a data warehouse.

“Capitalizing on the information a company owns about its customers, suppliers, and partners is now the value proposition for sustainable long-term growth. Better information, then, transforms business. Better information also transforms the terms of collaboration between businesses.” – The Value Factor by Mark Hurd and Lars Nyberg

Finally, the roadmap to value through information is creating systems and processes for learning. Author Peter Senge popularized this concept in his book The Fifth Discipline – namely that we all need to become systems thinkers, having the ability to fit the pieces together. This entire process is commonly referred to as the Learning Organization. And this is a big factor behind creating value through information! And when coupled with the right people and the right technology (such as a data warehouse), information can add a lot of value for anyone touched by the information.

“The knowledge economy stands on three pillars. Knowledge has become what we buy, sell, and do. It is the most important factor of production. The second pillar is a mate, a corollary to the first: Knowledge assets – that is, intellectual capital – have become more important to companies than financial and physical assets. The third pillar is this: To prosper in this new economy and exploit these newly vital assets, we need new vocabularies, new management techniques, new technologies, and new strategies. On these three pillars rest all the new economy’s laws and its profits.” – The Wealth of Knowledge by Thomas A. Stewart

Right to Information – A Gateway to Fight Corruption

INTRODUCTION: September 28 is celebrated internationally as right to know Day. In spite of the fact that India has won its battle of independence in 1947 making democracy its weapon, unfortunately, the truth was something else. The power was handed over to the politicians and democrats, not to the common man then. In India, following a nationwide campaign led by grassroots and civil society organizations, the Government passed a landmark Right To Information Act in 2005. It is an Act ” to provide for setting out the practical regime of right to information for citizens “. RTI mandates timely response to citizens’ requests for Government information. It is a initiative taken by Department of Personnel and Training, Ministry of Personnel, Public Grievances and Pensions to provide a RTI portal Gateway to citizens for quick search of information.

The idea that Government withhold information for the public has become outdated. During the last decade, many countries have enacted legislations on freedom of information. In India, the Official Secrets Act 1923 was enacted to protect the official secrets. The new law intend to disclose information replacing the ‘ culture of secrecy ‘. It will promote public accountability which will trim the malpractices, mismanagement, abuse of discretion and bribery etc.

OBJECTIVES: The object of RTI is to empower the citizens, promote transparency and accountability in the working of the Government. The Act is a big step towards making the citizens informed about the activities of the Government. Social Activist Aruna Roy has described India’s RTI as ” the most fundamental law this country has seen.”

EFFECT OF RIGHT TO INFORMATION: While the debate on corruption in the country rages on, the RTI Act is fast growing as an effective anti- corruption tool.

Jan Lok Pal Bill gained tremendous public support with citizens coming out on the streets of Delhi, Bangalore and other cities to voice their anger over corruption. Where RTI has been used by journalists and the media, the law has a broad base of users. Earlier right to freedom of speech and expression is granted under Article 19(1) of Constitution, but it requires fair and efficient procedure to make the freedom of information work. In the first three years, 2 million RTI requests were filed. The first and well known movement was by Mazdoor Kissan Shakti Sangathan (MKSS) in Rajasthan for the access to village accounts. Case studies and media reports shows that RTI is being used to redress individual grievances, access entitlements such as Ration Cards and pension. The RTI has paved way for informed citizenry which would strengthen the democratic Government of India. With this Act, we can use our right to speech and expressions and control the Government activities effectively. The idea of open Government is becoming a reality with the implementation of RTI Act. The RTI can be called a success only if the bureaucracy accepts that they have constitutional to serve into.

PROVISIONS OF RTI: Section 3 says all citizens shall have right to information. The Act enforces a duty upon the public authorities to disclosed all information. In V.S.Lee V. State of Kerala.. the remedy provided by Parliament is that wherever there is substantial financial support, the People, have the right to know or information. Section 4(2) states that every public authority shall take constant steps to provide information suo moto to the public. Thus, the authorities have to give information voluntarily so that the public have minimum resort to use this Act. The public authorities also have to disseminate (making known or communicated the information to the public through notice boards, newspapers, public announcements, media broad casts, internet and inspection of offices of public authority) information widely in any form which is easily accessible to the public. Information can be obtained by request in writing or through electronic means in English or Hindi or in official language of the area U/S 6. Here, the person has to give fees, and if request can’t be made in writing, the Central PIO and State PIO shall render all assistance to make request in writing form. If the information has been provided correctly or within time, it may be made available by appeal or complaint to the Information Commission U/S (8(a) 1). In The Registrar General V. K.U. Rajasekar, it was held that Section 8 of RTI specially deals with the cases of exemption from disclosure or information when such information affects prejudicially the sovereignty and security of India etc. Section 5 says every public authority shall within 100 days of enactment of the Act, designate as many as officers as the Central Public Information Officers or State Public Information Officers.

Section 6 permits person to obtain information in English or Hindi or in the official language of the area from the designated officers. The person need not to give any reason for the request. Section 7 requires the request to be disposed of within 30 days provided where information sought for concerns the life or liberty of a person, the same shall be provided within 48 hours. Section 7(7) before taking any decision for furnishing the information, the designated officer shall take into consideration the representation made by the third party U/S 11. Section 7(9) exempts granting information where it would divert the

Resources of the public authority or would be detrimental to the safety and preservation of the record in record. U/S 8,it is important to note that the Act specifies that intelligence and security organisations are exempted from the application of the Act. However, it is provided that in case the demand for information pertains to allegation of corruption and human rights violations, the Act shall apply even to such institutions.

RIGHT TO INFORMATION AS A FUNDAMENTAL RIGHT: The RTI is a fundamental right as in Article 19(1)(a) of the Constitution is now a well settled proposition. It has been discussed by Supreme Court in Number of cases, it has been read into Article 14.(Right to equality), 19(1)(a) freedom of speech and expression and Article 21 (Right to life) through cases such as Bennet Coleman V. Union Of India, Tata Press Ltd. V. Maharashtra Telephone Nigam Ltd. Etc. The same Articles were also interpreted in Kharak Singh V. State of U.P., Govind V. State of M.P. ETC. to include within their scope a right to privacy.

A plain reading of Section 11 suggests that for the section to apply the following three conditions must be satisfied (I) if the PIO is considering disclosing the information (ii) the information relates to the third party (iii) the third party treated the information to be confidential, the third party to be consulted and a notice to be sent to that party. Section 19 provides two tier system of appeals- First appeal and Second appeal. Any person who is aggrieved by the decision of the Central PIO and State PIO within 30 days can prefer First appeal before the First Appellate Authority. This authority shall be an officer who is senior in rank to the Central PIO and State PIO. An appeal can also be made by third party. The Second appeal lies before the State or Central Information Commission against the decision of the First Appellate Authority. It has to be filed within 90 days. As per Section 19(7), decision of Central or State Information Commission is final. The Information Commissioners shall be persons of eminence in public life with wide knowledge and experience in law, science and technology, social service, management, journalism, mass media and governance. In Nirmal Singh Dhiman V. Financial Commissioner Revenue, Section 23 says that no court shall entertain any suit, application or other proceeding in respect of any order and no order shall be called in question, otherwise than by way of an appeal. In case, the complainant was aggrieved against the non-supply of information by the Public Information Officer.

CRITICISM: The Act has been criticized on several grounds. It provides for information on demand, but does not sufficiently stress information on matters related to food, water, environment and other survival needs. It does not emphasize active intervention in educating people about their rights to access information. Another thing is allowing for file notings except those related to social and development projects to be exempted. File notings are very important when it comes to the policy making of the Government.

CONCLUSION: By enacting the RTI, India has moved from opaque and arbitrary system of Government to the beginning of an era where there will be greater transparency and to a system where the citizen will be empowered. The real Swaraj will come not by the acquition of authority by a few but by the acquition of capacity by all to resist authority when abused.

“KNOWLEDGE IS POWER, INFORMATION IS POWER, THE SECRETING OF INFORMATION MAY BE AN ACT OF TYRANNY CAMOUFLAGED AS HUMILITY.”

Information Management in Construction From a Lean Perspective

Lean thinkers have referred to “ensuring that relevant customer requirements are available in all phases of production, and that they are not lost when progressively transformed into design solutions, production plans and products.” Customer requirements are however only part of the information flow in design.

Information Waste

In Lean there are 7 classic wastes:

 

  • Over-production Producing more than is needed right now
  • Transportation Movement of product that does not add value
  • Motion Movement of people that does not add value
  • Waiting Idle time created when material, information, people, or equipment is not ready
  • Processing Effort that creates no value from the customer’s viewpoint
  • Inventory More materials, parts, or products on hand than is needed right now
  • Defects Work that contains errors, rework, mistakes or lacks something necessary

 

Some Lean thinkers add additional wastes:-

Making Do – Drawings, documents and information required to complete the task are not available and the task is started despite these not being available, or the task is continued when supply ceases

Unused Creativity – Effort available to the team but not used to create value

From these wastes the following information related wastes can be identified

 

  • Waiting – unable to do work because information is not available or time is spent trying to identify information that needs to flow
  • Over Processing – excessive steps to produce the output caused by resources or activities necessary to overcome a lack of information
  • Making Do – continuing with production in the absence of required information
  • Defects – drawings and design requiring rework and resources and activities used to correct or verify information
  • Unused Creativity – team members making do due to lack of information when they could be employed creating value

Information Flow

In design the “flow” is information to each workstation so that the output in the form of information for the next step in line (which could be further design or construction) can be completed on time and to budget with minimum waste.

A scenario can occur in a design office where an absence or shortage of knowledge and information threatens to halt production (of deliverables). The pressure of deadlines (push planning) requires work to continue and assumptions are made to fill in for the missing knowledge or information. This builds in the necessity to make corrections of the assumption later, or contingencies are made that the assumption may be incorrect and the design is “over-dimensioned.” The result is unplanned work.

Making do has been described as an “art” in the construction industry and that the response to lack of input availability is making do on a “massive scale”.

The conclusion is that the reduction of making do in design requires control and optimisation of the flow of information and knowledge in the design team and between teams.

Information Sources

Typical types of information include emails, letters, meeting notes, call records, drawings, electronic data and photographs. A distinction may be drawn between “data” and “information”:-

Data – Individual facts, statistics, or items of information.

Information – Knowledge communicated or received concerning a particular fact or circumstance or Knowledge gained through study, communication, research, instruction, etc.

In the project environment typically a large mass of data will exist which continually grows in size. Information that adds value to an output is a subset of the total data.

Management activity should therefore focus on Information as it is this which forms the value stream in the design process. An 80/20 rule may apply whereby only 20% of the data collected is used in creating value.

Applying lean 5S to information management produces:-

 

  • Sift (shine) – Ensure information is accurate and up to date
  • Sort – Structure information so it can be easily navigated and found
  • Set in Order – Store information in a single location that is available to all working on the project
  • Sustain – Make sure teams use the system and continuously improve
  • Standardise – Set protocols for information management

 

With the volumes of information within organisations increasing exponentially increasing attention is being paid to the challenges it produces, and the risks it creates.

In the absence of information management there is lack of certainty as to where information is, who has relevant information, and limited certainty as to its availability and currency. One consequence is that time is spent in search of essential information with which to continue production.

Smoothing the Design Workflow

To smooth the design workflow there must be a means of delivering the required information to the workface at the time it is required. It is however difficult in design to fix with certainty the time when information is required and in consequence information is delivered by “push”.

The concept of “pull” should be applied so that designers acquire information when they are ready to use it without the overload caused by “push”. There is then a likelihood that the information to be used in design will be current, correct and the best available.

Users need to be confident that they will find the information they are looking for and that it is current and up to date. All team members must use the system consistently and for all information.

Key principles of a strategy for managing project information within a Lean production (design) environment become:-

 

  • Identify valuable information as distinct from data and manage it
  • Users will only use a system if it has direct value to them or they understand the indirect value for another team
  • Information should be available in real time as soon as it is acquired
  • Minimise duplication of information
  • Minimise out of date information
  • Minimise duplication of effort
  • Information should only be delivered as it is demanded by users (pull)

 

Information Management Strategy

To achieve 5S in an industry which is heavily dependent on the flow of information and knowledge requires a system that can provide:-

Single source of all Information to:

 

  • Minimise duplication
  • Minimise out of date or superseded information
  • Provide Information on demand as it is needed

 

Be accessible to all project users at any time and be user friendly to:

 

  • Provide direct value to users
  • Enable users to supply information to others working on the project
  • Provide real time access with notification of changes and additions

 

Conclusions

Reducing making do generated by lack of information can be attained by the adoption of relatively simple strategies.