Data Protection: Governance, Risk Management, and Compliance

David G. Hill

August 10, 2009 by CRC Press
Reference - 330 Pages - 18 B/W Illustrations
ISBN 9781439806920 - CAT# K10353


Add to Wish List
FREE Standard Shipping!


  • Places data protection in a GRC framework, enabling readers to easily grasp the overall picture of data protection
  • Discusses existing and emerging data protection technologies and how they relate to each other
  • Explores the impact of novel trends, such as cloud computing, storage tiering, server virtualization, and green computing
  • Shows how to improve the data protection process through the high-level PRO-Tech model


Failure to appreciate the full dimensions of data protection can lead to poor data protection management, costly resource allocation issues, and exposure to unnecessary risks. Data Protection: Governance, Risk Management, and Compliance explains how to gain a handle on the vital aspects of data protection.

The author begins by building the foundation of data protection from a risk management perspective. He then introduces the two other pillars in the governance, risk management, and compliance (GRC) framework. After exploring data retention and data security in depth, the book focuses on data protection technologies primarily from a risk management viewpoint. It also discusses the special technology requirements for compliance, governance, and data security; the importance of eDiscovery for civil litigation; the impact of third-party services in conjunction with data protection; and data processing facets, such as the role of tiering and server and storage virtualization. The final chapter describes a model to help businesses get started in the planning process to improve their data protection.

By examining the relationships among the pieces of the data protection puzzle, this book offers a solid understanding of how data protection fits into various organizations. It allows readers to assess their overall strategy, identify security gaps, determine their unique requirements, and decide what technologies and tactics can best meet those requirements.