Organisations will normally carry out a risk assessment as the first step in data security. This involves trying to find out the possible threats to the data.

Data files are vital to the running of an organisation. Any loss or corruption of data will have serious or fatal implications. Delays, loss of business and possible legal action may result. For these reasons many safeguards are used to protect files from:

• Hardware failures - all hardware dies eventually.
• Software failures - programming bugs can be hidden for a long time before a rare combination of events reveals the problem.
• Human Errors  - Accidental changing of data or deletion of files.
• Deliberate damage - may be caused by an angry employee, a virus or a hacker.

Risk assessment should be regularly carried out as threats to data change. Recovery plans should also be thought out in case data does get damaged or lost.