08456 80 40 47
08456 80 40 47


Information Governance (IG) is the execution of management leadership (direction) and control (assurance that direction is followed properly) in order to ensure that information is managed across the enterprise in compliance with the legal and regulatory framework within which an organisation is operating. The complexity of the requirements and the associate risks of non-compliance will vary according to the types of information being collected and the regulatory regime of the industry for example, financial sector, health sector.

IFC’s information governance service is made up of proven methods and tools that enable us to pragmatically review and implement solutions to comply with a wide range of legal and regulatory requirements in a wide range of countries (legal jurisdictions) including compliance with the:

  • UK Data Protection Act 1998 and incoming General Data Protection Regulation (GDPR)
  • International requirements including the EU Privacy Directive and Electronic Marketing Directive
  • Freedom of Information Act 2000 and codes of practice issued under Section 45 and 46 of the Act
  • Access to information under the Environmental Information Regulations
  • Application of International Security Standards ISO27001 and ISO27002 and compliance with HMG’s Information Security Policy
  • NHS Information Governance Toolkit
  • Application of Records Management Standard ISO15489

Core Services

Our offerings are modular in nature allowing organisations to focus on one or more areas that need to be reviewed.

Our compliance health checks are designed to address how organisations are using information and the key risk areas that may exist. They aim to provide assurance that key issues are not lost or omitted and provide management with a clear and concise understanding and visibility of the true priorities, which may prevent unnecessary expenditure of time and money on low-risk issues. The level and coverage can be adapted for those who have made progress with their compliance regimes but are concerned about areas they may have missed and for those who have completed assessments and need an independent view of their position. The review provides the organisation with a risk mitigation plan to assist in the management of ongoing compliance.

IFC's IG support service assists the management of the ongoing compliance with information related laws and regulations. This includes the development of policies, standards, procedures and improvements in compliance processes.

Following the identification of opportunities for improvement, our consultants provide expertise to support ongoing compliance. This can include design and production of retention schedules, reviewing governance structures for the introduction of SharePoint 2010/2013, production of information security risk assessments and risk treatment plans.