Information security – a lesson from the web

Information security of customer information has always been a priority for organisations, particularly those organisations that are in the market of managing information of customers.

It was with interest that I read today about the possibility of a large number of customers social security numbers (an important number in the USA, akin to the TFN number in Australia) being inappropriately disclosed on the outside of an envelope to the customers.

The risks surrounding privacy of customer information have always ranked as one of the highest and most important risks for all organisations, and it is therefore amazing to read about such incidents.  What we always forget in managing this risk is that the real underlying risk is the human error potential surrounding the risk being realised.

So, in managing the risk surrounding privacy, we should not just focus on making sure our systems encrypt and secure the data but also look at the “simple” way we use data and ensure every time we extract data and use it, we think of the privacy elements of the data being used.

Sounds obvious and simple, but alas seems to always come back in some story or article around customer information being used incorrectly.


Scott North has extensive experience in enterprise risk management, internal audit, operational risk and compliance, risk strategy, scenario planning, technology risk, technology business analysis, systems design, financial accounting, and management accounting. Scott is a Fellow of the Australian Institute of Chartered Accountants with a Masters Degree from the University of Melbourne in Business and Information Technology. Scott is also a Fellow of the University of Melbourne.

Read More

Related Articles

How to Ensure Your Sustainability Strategy Stays Clean

As we embrace the shift towards a greener economy, sustainability products are on the rise. However, with this growth, we've also seen an increase...

The Future of Australia’s Financial Services Industry: Embracing the Financial Accountability Regime

APRA and ASIC Spearhead a Revolutionary Change in the Financial Sector Introduction Today marks a significant milestone for the Australian financial services industry as the Australian...

Effective Risk Committees

Every Risk Moment Matters