All You Need To Know About Information Management Policies

Contact Us

A key IT policy to protect your information assets

An information asset is any information that has value to your organisation, regardless of how or where it is stored and what form it takes. Within the suite of IT policies provided in Policy Management as a Service is a well written Information Management Policy that can be tailored to help protect your information assets.

What is an information management policy?

An information management policy gives clear direction regarding the creation, capture and management of information assets in order to satisfy business, legal and stakeholder requirements and is just one policy within the suite of IT policies.

Want to learn more? Contact our Experts today to book a live demo of the Policy Management as a Service.

What does an information management policy include?

  • The information management responsibilities of users, managers and technical staff
  • Management of information
  • Deletion of information
  • The collection and dissemination of information
  • Information access

Testimonial - Rother District Council

“Now we have the Essentials version of policies in place from PPS it provides an excellent incentive for everyone to strive to do things properly. The policies will form a key part of Council’s ongoing training on GDPR and cybersecurity awareness” - Graham McCallum, IT Manager

How to determine what should be classed as an information asset?

Examples of key questions to consider are:

What value does the asset have to the organisation?

Do we understand what the asset is, and what it is used for?

Could there be a legal, reputational or financial repercussion if the asset cannot be reproduced when required?

Would business operations be affected if the asset could not be easily accessed?

The IT security policy framework that Policy Management as a Service delivers includes a range of related IT policies that support the Information Management Policy - examples include an Access Control Policy, Cloud Computing Policy and Legal Compliance Policy.

Testimonial - Tower Hamlets Community Housing

“I assessed our requirements in the area of IT Policies and it was very evident that we had a lot of work to do if we were to draft content that was easy to read and understand, whilst being aligned with best practice. My estimate was that it would take 12-18 months to do this exercise in house and that was time we didn’t have, particularly as we were immersed in deploying new technology. I began researching options and identified Protocol Policy Systems (PPS) as a specialist provider in this area.“ - David Sheehan, Head of IT

The difference between Information Governance and Information Management

To develop an effective Information Management Policy to sit within your suite of IT Policies, you need to have a clear understand of what Information Management does and does not consist of;

Information governance (IG) is focussed on the organisational policies, processes, technologies and strategies that are employed to use information to meet its business needs, comply with legal and industry regulations whilst minimising risks. IG is focussed on the control of information, its creation, valuation, usage, storage, and deletion.

Information management is focussed on the lifecycle of information—the acquisition of information from different sources, custodianship of information, the distribution of information, and the deletion or archiving of information as documented in an organisation’s information governance policies.

Testimonial - Buckinghamshire Council

“The policies form part of our Document Library which we look to maintain to the requirements of ISO standards. The commitment in terms of reviewing them and ensuring that latest versions are published is now far less onerous, as is ensuring that they reflect latest changes to legislation and good practice” - Sarah Barnes, Head of Information Technology Operations


Contact Protocol Policy Systems to learn how we assist organisations to put the foundations in place for a secure computing environment.


Contact Us Today

Fill in the form or call us on (UK) +44 845 241 0099 or (NZ) +64 9 570 2233


We make it our business to understand your business and your pain points before we start. Understanding how your organisation operates and the current challenges it may be facing around policy management enables us to develop the right IT Security Policy Framework for your business. Our end goal is to and ensure that our recommendations are the right fit for your business.

Learn more >


Understanding the complex world of IT Polices can be daunting. Our experts work with you to develop and deliver policies that document how digital information is to be managed. The policies are automatically cross referenced to relevant industry standards and best practice including ISO, PCI, PSN and Cyber Essentials. 

Learn more >


We support you in implementing those policies, and continue to do so as they change over time. Updates to the content, standards, mappings, and supporting material are handled by us. Our subject matter experts can also help you adapt and create new policies as your business requirements change.

Learn more >

IT Policy Management Software

We provide a securely hosted, cloud based IT policy management software that’s easy to drive and navigate. For most users, no special training is needed. Admin functions for primary users are easily learned, and backed by supporting material and a dedicated PPS team. Full audit and compliance indexing is provided for IT and GRC personnel.

Learn more >


Contact Us Today

Fill in the form or call us on (UK) +44 845 241 0099 or (NZ) +64 9 570 2233