IIM-Africa Introduces GIMC-Certification for Employees


With the prevailing information breaches in government and private organisations in recent times, the Institute of Information Management (IIM-Africa) has introduced a unique General Information Management Competence Certification (GIMC-Certification) programme aimed at mitigating information risk and raising the awareness among stakeholders and employees in various organisations.
Speaking on the certification programme, President and Chairman Board of Directors/Governing Council at IIM – Africa, Dr. Oyedokun Oyewole, said that information, in whatever form, is a valuable asset to any organisation be it public or private, as it is the basis on which strategic decisions are made and daily tasks are performed. Management executives, employees, customers and other stakeholders all rely on that information being timely, reliable, accurate and complete.

According to Oyewole, “It’s no surprise to see insider threats as the biggest risk to information management and security as employees will always be the one thing that cannot be controlled. Employees and other information users within any organisation constitute one of the greatest threats to information security, as the individuals closest to the organizational data and information. They do not necessarily have to be malicious to put a company at risk due to the fact that they may not understand the possible risks and consequences associated with their actions”.
Good information, he said, could be undermined in many ways, as corrupted or compromised information can cause a wide range of problems, from those that are simply annoying to those that could have a major impact on an organisation’s future. “Information risk encompasses all the challenges that result from an organisation’s need to control and protect its information”.
Speaking on why employees and other stakeholders should be certified, Oyewole said the value of information as an asset goes beyond its volume. Usually the basis on which management, clients and investors make vital decisions, so it is essential for that information to be available, reliable, accurate and complete.
“IIM research has confirmed that effective staff training and certification can halve the number of insider breaches, by ensuring employees understand the importance of information management, security and their role in protecting businesses critical information,” he said, adding,
“The success of any organisation will depend largely on the trust and goodwill of employees, vendors/suppliers, customers, and the public at large, so it is essential that all its information is properly managed, controlled and protected.”
The GIMC-Certification can have a huge impact on all kinds of insider information security threats, being the most effective means to combat negligence that could results in data loss or exposure as: every organisation, regardless of its size or sector, handles information which must be appropriately controlled and protected against the threats, non-technical as well as technical, that can affect it, Oyewole said.
according to him, unauthorised exposure/disclosure, compromised information can cause enormous damage to an organisation’s operations and reputation. Information not appropriately protected can lead to serious compliance and legal failures.
He added that good Information Risk Management helps organisation get the best out of its information and allows it to move forward and develop, confident that its risks are under control.
He explained that IIM GIMC-Certification would promote the awareness of information management and security across board; assist employees understand the basics of what information management is, including individual roles and responsibilities in the process of information creation, storage, usage, sharing and disposition; educate employees and other users on how to better manage both personal and corporate information, aimed at assisting individuals and organisations understand and imbibe best practices on how to mitigate information risk and handling of sensitive information within their organisations.