SlideShare a Scribd company logo

Web-based PIA Tool for Privacy Risk Management

Ben Omoakin Oguntala, developingafrica(dot)net
Ben Omoakin Oguntala, developingafrica(dot)net

This document describes a web-based tool for conducting privacy impact assessments. It allows project teams and compliance teams to identify and manage privacy risks associated with projects and changes. Key features include an initial survey to assess privacy risk, a full privacy impact assessment for higher risk projects, and a risk register to track mitigation of identified risks. The tool aims to provide an effective and collaborative solution for privacy risk management throughout a project's lifecycle.

TechnologyNews & Politics
1 of 10
Download to read offline
Privacy impact assessment A web based tool for Privacy/Legal/Compliance teams to engage projects and changes to their organisation www.dataprotectionofficer.com By Ben Oguntala Ben.oguntala@dataprotectionofficer.com www.dataprotectionofficer.com
Introduction Project manager or business units - Start cycle can create a project and manage the progress of their project through its milestones and can oversee how all its risks are identified and managed. Engage Approval project team Privacy/legal/compliance - can interface with the project team and have new projects, changes or business unit ideas assessed for risks and provide resolution. Privacy Risk Complete This solution is a web based, effective management survey and collaborative solution for privacy risk management. It allows for an effective business process that allows Privacy both the project management teams impact and compliance teams to address assessment project privacy issues as it progresses through its lifecycle. www.dataprotectionofficer.com
Privacy impact assessment cycle 3rd party Detail Privacy impact assessment Privacy Business unit Med & policies high risks Information Project asset 1 2 4 management Data PIA security 5 Log on to PIA initial PIA tool survey Change ISA request team 3 6 Contract Low risk register register Privacy Project Risk 1 PIA tool will be located on your intranet , accessible by all business units and Project Managers 2 PIA initial survey will be completed by projects and risk assessed. You can customise your PIA initial survey 3 Projects that score Low on the PIA Initial survey will have low privacy impact and be stored in the register. 4 Projects that score Medium or High will require a full Privacy impact assessment by the compliance team 5 Projects will be rated after their detailed PIA, those with mitigations = Low and those without Med/High 5 Privacy risk register will contains all the projects with risks associated awaiting review and resolution. www.dataprotectionofficer.com
Process overview Capturing project/change privacy risk management lifecycle Risk assurance Privacy/compliance team Forum 3rd party Privacy Risk Risk Project policies Acceptance review PIA form (online) form Privacy Risk mitigation Engagement Information Change asset Suppliers Data security register Business Privacy Risk units ISA Contract register Project www.dataprotectionofficer.com
Privacy project engagement solution overview Project Privacy Risk Project Business management Compliance assurance manager analyst office or Legal forum Project register Project Project PIA initial Risk Manager PIA Risk registration documentation survey mitigation allocation acceptance Risk review form Risk register Project A simple web based tool that capture changes to your organisation’s framework providing a consolidated platform to manage potential risks to your estate. www.dataprotectionofficer.com
The key participants Privacy Programme Project Privacy Impact Risk Assurance compliance or management management Assessment forum legal Light touch Project Project Senior PIA survey option (Fast approval management management track) Privacy Change PIA project Project team impact Risk Register approval allocation assessment Supplier or Project Risk Project PIA business unit Milestone acceptance milestone stakeholders approval Gate approval form Project Risk funding Risk review identification control The web based tool ensures that the key participants are engaged and the business processes ensures a consistent approach to all projects/changes. www.dataprotectionofficer.com
The business process SPMB RAF Privacy Sys admin Programme Project office Risk consultant Risk Assurance manager office forum Assess Project project risk Accept Review System allocation to survey assigned project risk administration Project PM projects register initiation results SPMB Assess Risk (Programme Upload Privacy Project cost resource project and acceptance office) users code project allocation carry out form allocation details risk approval assessment Privacy Project Legal/Compliance Handover to Update project privacy Find risk project management resources mitigations RAF management Periodic (Risk Assurance Assign review of the Forum) projects to Raise project risk register Complete Users risk risk in the FRS survey consultant risk register The tool ensures that the business process engages the right units at the right time and ensures that there are no redundant or neglected elements within the operation. www.dataprotectionofficer.com
snapshots Initial PIA Survey with Score www.dataprotectionofficer.com
Project register Project Project PIA initial Risk Privacy Manager PIA Risk registration documentation survey mitigation allocation PIA www.dataprotectionofficer.com
The lifecycle Project register Project Project PIA initial Risk Privacy Manager PIA Risk registration documentation survey mitigation allocation For more information about implementing Privacy Impact Assessment for your projects please contact: Ben Oguntala Ben.oguntala@dataprotectionofficer.com 07812 039 867 www.dataprotectionofficer.com

Recommended

Improving Your Information Security Program
Improving Your Information Security ProgramImproving Your Information Security Program
Improving Your Information Security ProgramSeccuris Inc.
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011Satish Hemachandran
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise CloudIndu Kodukula
 
Visa Security Logging Factsheet June 2012
Visa Security Logging Factsheet June 2012Visa Security Logging Factsheet June 2012
Visa Security Logging Factsheet June 2012Neira Jones
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...DFLABS SRL
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...DFLABS SRL
 
Sunera Business & Technology Risk Consulting
Sunera Business & Technology Risk ConsultingSunera Business & Technology Risk Consulting
Sunera Business & Technology Risk ConsultingSunera
 

Recommended

Improving Your Information Security Program
Improving Your Information Security ProgramImproving Your Information Security Program
Improving Your Information Security ProgramSeccuris Inc.
 
SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011SunGard Enterprise Cloud Services @ Cloud Connect 2011
SunGard Enterprise Cloud Services @ Cloud Connect 2011Satish Hemachandran
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise CloudIndu Kodukula
 
Visa Security Logging Factsheet June 2012
Visa Security Logging Factsheet June 2012Visa Security Logging Factsheet June 2012
Visa Security Logging Factsheet June 2012Neira Jones
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...DFLABS SRL
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...DFLABS SRL
 
Sunera Business & Technology Risk Consulting
Sunera Business & Technology Risk ConsultingSunera Business & Technology Risk Consulting
Sunera Business & Technology Risk ConsultingSunera
 
Agama Profile
Agama ProfileAgama Profile
Agama ProfileAgama Consulting
 
Agam Profile
Agam ProfileAgam Profile
Agam ProfileAgama Consulting
 
Business Objects Security
Business Objects SecurityBusiness Objects Security
Business Objects SecuritySebastien Goiffon
 
2007 issa journal-building a comprehensive security control framework
2007 issa journal-building a comprehensive security control framework2007 issa journal-building a comprehensive security control framework
2007 issa journal-building a comprehensive security control frameworkasundaram1
 
Integrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCIntegrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCDATAVERSITY
 
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 sucesuminas
 
Security models for security architecture
Security models for security architectureSecurity models for security architecture
Security models for security architectureVladimir Jirasek
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
Audit world slides
Audit world slidesAudit world slides
Audit world slideswdsnead
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe
 
Massbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaMassbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaJames McDonald
 
Building an Effective GRC Process with TrustedAgent GRC
Building an Effective GRC Process with TrustedAgent GRCBuilding an Effective GRC Process with TrustedAgent GRC
Building an Effective GRC Process with TrustedAgent GRCTuan Phan
 
From technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontierFrom technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontierRamsés Gallego
 
Jonathan Jesse Engineer Profile
Jonathan Jesse Engineer ProfileJonathan Jesse Engineer Profile
Jonathan Jesse Engineer ProfileITS Partners
 
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010Lumension Security - State of Endpoint and Security DSS @Vilnius 2010
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010Andris Soroka
 
Dataplex Company Overview
Dataplex Company OverviewDataplex Company Overview
Dataplex Company Overviewdataplex systems limited
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT SecuritySeccuris Inc.
 
Real Time Risk Management
Real Time Risk ManagementReal Time Risk Management
Real Time Risk ManagementMike Popham MBA PhD CPEng FRSA
 
How to Fast Track Your Social Business Capabilities
How to Fast Track Your Social Business CapabilitiesHow to Fast Track Your Social Business Capabilities
How to Fast Track Your Social Business CapabilitiesPerficient, Inc.
 
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Ahmed Al Enizi
 
Ta Security
Ta SecurityTa Security
Ta Securityjothsna
 

More Related Content

What's hot

2007 issa journal-building a comprehensive security control framework
2007 issa journal-building a comprehensive security control framework2007 issa journal-building a comprehensive security control framework
2007 issa journal-building a comprehensive security control frameworkasundaram1
 
Integrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCIntegrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCDATAVERSITY
 
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 sucesuminas
 
Security models for security architecture
Security models for security architectureSecurity models for security architecture
Security models for security architectureVladimir Jirasek
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationIBM Danmark
 
Audit world slides
Audit world slidesAudit world slides
Audit world slideswdsnead
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe
 
Massbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaMassbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaJames McDonald
 
Building an Effective GRC Process with TrustedAgent GRC
Building an Effective GRC Process with TrustedAgent GRCBuilding an Effective GRC Process with TrustedAgent GRC
Building an Effective GRC Process with TrustedAgent GRCTuan Phan
 
From technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontierFrom technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontierRamsés Gallego
 
Jonathan Jesse Engineer Profile
Jonathan Jesse Engineer ProfileJonathan Jesse Engineer Profile
Jonathan Jesse Engineer ProfileITS Partners
 
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010Lumension Security - State of Endpoint and Security DSS @Vilnius 2010
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010Andris Soroka
 

What's hot (17)

Agama Profile
Agama ProfileAgama Profile
Agama Profile
 
Agam Profile
Agam ProfileAgam Profile
Agam Profile
 
Business Objects Security
Business Objects SecurityBusiness Objects Security
Business Objects Security
 
2007 issa journal-building a comprehensive security control framework
2007 issa journal-building a comprehensive security control framework2007 issa journal-building a comprehensive security control framework
2007 issa journal-building a comprehensive security control framework
 
Integrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLCIntegrating Information Protection Into Data Architecture & SDLC
Integrating Information Protection Into Data Architecture & SDLC
 
IBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance RequirementsIBM Banking: Automated Systems help meet new Compliance Requirements
IBM Banking: Automated Systems help meet new Compliance Requirements
 
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05 Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
Segurança da Informação e Estrutura de Redes - Café Empresarial 15/05
 
Security models for security architecture
Security models for security architectureSecurity models for security architecture
Security models for security architecture
 
Sådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig informationSådan undgår du misbrug af kundedata og fortrolig information
Sådan undgår du misbrug af kundedata og fortrolig information
 
Audit world slides
Audit world slidesAudit world slides
Audit world slides
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0
 
Massbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaMassbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed Proba
 
Building an Effective GRC Process with TrustedAgent GRC
Building an Effective GRC Process with TrustedAgent GRCBuilding an Effective GRC Process with TrustedAgent GRC
Building an Effective GRC Process with TrustedAgent GRC
 
From technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontierFrom technology risk_to_enterprise_risk_the_new_frontier
From technology risk_to_enterprise_risk_the_new_frontier
 
Jonathan Jesse Engineer Profile
Jonathan Jesse Engineer ProfileJonathan Jesse Engineer Profile
Jonathan Jesse Engineer Profile
 
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010Lumension Security - State of Endpoint and Security DSS @Vilnius 2010
Lumension Security - State of Endpoint and Security DSS @Vilnius 2010
 
Dataplex Company Overview
Dataplex Company OverviewDataplex Company Overview
Dataplex Company Overview
 

Similar to Web-based PIA Tool for Privacy Risk Management

Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT SecuritySeccuris Inc.
 
How to Fast Track Your Social Business Capabilities
How to Fast Track Your Social Business CapabilitiesHow to Fast Track Your Social Business Capabilities
How to Fast Track Your Social Business CapabilitiesPerficient, Inc.
 
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Ahmed Al Enizi
 
Ta Security
Ta SecurityTa Security
Ta Securityjothsna
 
TA security
TA securityTA security
TA securitykesavars
 
What is an information professional?
What is an information professional?What is an information professional?
What is an information professional?John Mancini
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Chad Lawler
 
Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By DesignNalneesh Gaur
 
Security Patterns How To Make Security Arch Easy To Consume
Security Patterns How To Make Security Arch Easy To ConsumeSecurity Patterns How To Make Security Arch Easy To Consume
Security Patterns How To Make Security Arch Easy To ConsumeJeff Johnson
 
Pankaj's Resume Information Security Professional
Pankaj's Resume Information Security ProfessionalPankaj's Resume Information Security Professional
Pankaj's Resume Information Security ProfessionalPankaj Kumar
 
Need of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless EnterpriseNeed of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless Enterprisehardik soni
 
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...UBM_Design_Central
 
Why Should Consultants and Systems Integrators Become Certified Information P...
Why Should Consultants and Systems Integrators Become Certified Information P...Why Should Consultants and Systems Integrators Become Certified Information P...
Why Should Consultants and Systems Integrators Become Certified Information P...John Mancini
 

Similar to Web-based PIA Tool for Privacy Risk Management (20)

Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT Security
 
Real Time Risk Management
Real Time Risk ManagementReal Time Risk Management
Real Time Risk Management
 
How to Fast Track Your Social Business Capabilities
How to Fast Track Your Social Business CapabilitiesHow to Fast Track Your Social Business Capabilities
How to Fast Track Your Social Business Capabilities
 
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
 
Ta Security
Ta SecurityTa Security
Ta Security
 
TA security
TA securityTA security
TA security
 
What is an information professional?
What is an information professional?What is an information professional?
What is an information professional?
 
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
Integrated Cloud Framework: Security, Governance, Compliance, Content Applica...
 
Managing Information Asset Register
Managing Information Asset RegisterManaging Information Asset Register
Managing Information Asset Register
 
Cloud Auditing
Cloud AuditingCloud Auditing
Cloud Auditing
 
Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
 
Security Patterns How To Make Security Arch Easy To Consume
Security Patterns How To Make Security Arch Easy To ConsumeSecurity Patterns How To Make Security Arch Easy To Consume
Security Patterns How To Make Security Arch Easy To Consume
 
Pankaj's Resume Information Security Professional
Pankaj's Resume Information Security ProfessionalPankaj's Resume Information Security Professional
Pankaj's Resume Information Security Professional
 
Embedding Security in IT Projects
Embedding Security in IT ProjectsEmbedding Security in IT Projects
Embedding Security in IT Projects
 
Riskpro information risk management 2013
Riskpro information risk management 2013Riskpro information risk management 2013
Riskpro information risk management 2013
 
Riskpro information risk management 2013
Riskpro information risk management 2013Riskpro information risk management 2013
Riskpro information risk management 2013
 
Need of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless EnterpriseNeed of Adaptive Authentication in defending the borderless Enterprise
Need of Adaptive Authentication in defending the borderless Enterprise
 
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...Five Essential Enterprise Architecture Practices to Create the Security-Aware...
Five Essential Enterprise Architecture Practices to Create the Security-Aware...
 
TripleTree eDiscovery
TripleTree eDiscoveryTripleTree eDiscovery
TripleTree eDiscovery
 
Why Should Consultants and Systems Integrators Become Certified Information P...
Why Should Consultants and Systems Integrators Become Certified Information P...Why Should Consultants and Systems Integrators Become Certified Information P...
Why Should Consultants and Systems Integrators Become Certified Information P...
 

More from Ben Omoakin Oguntala, developingafrica(dot)net

More from Ben Omoakin Oguntala, developingafrica(dot)net (15)

Developing Africa Ode Remo brochure
Developing Africa Ode Remo brochureDeveloping Africa Ode Remo brochure
Developing Africa Ode Remo brochure
 
Developing Africa - Ode Remo
Developing Africa - Ode RemoDeveloping Africa - Ode Remo
Developing Africa - Ode Remo
 
Thisday story with Oguntala
Thisday story with OguntalaThisday story with Oguntala
Thisday story with Oguntala
 
Africa secretariat - The Home of African raw materials
Africa secretariat - The Home of African raw materials Africa secretariat - The Home of African raw materials
Africa secretariat - The Home of African raw materials
 
Data Leakage Prevention
Data Leakage PreventionData Leakage Prevention
Data Leakage Prevention
 
Risk Assessment And Risk Treatment
Risk Assessment And Risk TreatmentRisk Assessment And Risk Treatment
Risk Assessment And Risk Treatment
 
Data Protection Compliance In Economically Depressing Times
Data Protection Compliance In Economically Depressing TimesData Protection Compliance In Economically Depressing Times
Data Protection Compliance In Economically Depressing Times
 
Fraud Monitoring Solution
Fraud Monitoring SolutionFraud Monitoring Solution
Fraud Monitoring Solution
 
Conformidad De Seguridad De InformacióNv2
Conformidad De Seguridad De InformacióNv2Conformidad De Seguridad De InformacióNv2
Conformidad De Seguridad De InformacióNv2
 
Iso 27001 Audit Evidence Acquisitionv3
Iso 27001 Audit Evidence Acquisitionv3Iso 27001 Audit Evidence Acquisitionv3
Iso 27001 Audit Evidence Acquisitionv3
 
Iso 27001 Audit Evidence Acquisition
Iso 27001 Audit Evidence AcquisitionIso 27001 Audit Evidence Acquisition
Iso 27001 Audit Evidence Acquisition
 
Gprs/3G Troubleshooter
Gprs/3G TroubleshooterGprs/3G Troubleshooter
Gprs/3G Troubleshooter
 
Pci V2
Pci V2Pci V2
Pci V2
 
FoI
FoIFoI
FoI
 
Dpa V3
Dpa V3Dpa V3
Dpa V3
 

Recently uploaded

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

Web-based PIA Tool for Privacy Risk Management

  • 1. Privacy impact assessment A web based tool for Privacy/Legal/Compliance teams to engage projects and changes to their organisation www.dataprotectionofficer.com By Ben Oguntala Ben.oguntala@dataprotectionofficer.com www.dataprotectionofficer.com
  • 2. Introduction Project manager or business units - Start cycle can create a project and manage the progress of their project through its milestones and can oversee how all its risks are identified and managed. Engage Approval project team Privacy/legal/compliance - can interface with the project team and have new projects, changes or business unit ideas assessed for risks and provide resolution. Privacy Risk Complete This solution is a web based, effective management survey and collaborative solution for privacy risk management. It allows for an effective business process that allows Privacy both the project management teams impact and compliance teams to address assessment project privacy issues as it progresses through its lifecycle. www.dataprotectionofficer.com
  • 3. Privacy impact assessment cycle 3rd party Detail Privacy impact assessment Privacy Business unit Med & policies high risks Information Project asset 1 2 4 management Data PIA security 5 Log on to PIA initial PIA tool survey Change ISA request team 3 6 Contract Low risk register register Privacy Project Risk 1 PIA tool will be located on your intranet , accessible by all business units and Project Managers 2 PIA initial survey will be completed by projects and risk assessed. You can customise your PIA initial survey 3 Projects that score Low on the PIA Initial survey will have low privacy impact and be stored in the register. 4 Projects that score Medium or High will require a full Privacy impact assessment by the compliance team 5 Projects will be rated after their detailed PIA, those with mitigations = Low and those without Med/High 5 Privacy risk register will contains all the projects with risks associated awaiting review and resolution. www.dataprotectionofficer.com
  • 4. Process overview Capturing project/change privacy risk management lifecycle Risk assurance Privacy/compliance team Forum 3rd party Privacy Risk Risk Project policies Acceptance review PIA form (online) form Privacy Risk mitigation Engagement Information Change asset Suppliers Data security register Business Privacy Risk units ISA Contract register Project www.dataprotectionofficer.com
  • 5. Privacy project engagement solution overview Project Privacy Risk Project Business management Compliance assurance manager analyst office or Legal forum Project register Project Project PIA initial Risk Manager PIA Risk registration documentation survey mitigation allocation acceptance Risk review form Risk register Project A simple web based tool that capture changes to your organisation’s framework providing a consolidated platform to manage potential risks to your estate. www.dataprotectionofficer.com
  • 6. The key participants Privacy Programme Project Privacy Impact Risk Assurance compliance or management management Assessment forum legal Light touch Project Project Senior PIA survey option (Fast approval management management track) Privacy Change PIA project Project team impact Risk Register approval allocation assessment Supplier or Project Risk Project PIA business unit Milestone acceptance milestone stakeholders approval Gate approval form Project Risk funding Risk review identification control The web based tool ensures that the key participants are engaged and the business processes ensures a consistent approach to all projects/changes. www.dataprotectionofficer.com
  • 7. The business process SPMB RAF Privacy Sys admin Programme Project office Risk consultant Risk Assurance manager office forum Assess Project project risk Accept Review System allocation to survey assigned project risk administration Project PM projects register initiation results SPMB Assess Risk (Programme Upload Privacy Project cost resource project and acceptance office) users code project allocation carry out form allocation details risk approval assessment Privacy Project Legal/Compliance Handover to Update project privacy Find risk project management resources mitigations RAF management Periodic (Risk Assurance Assign review of the Forum) projects to Raise project risk register Complete Users risk risk in the FRS survey consultant risk register The tool ensures that the business process engages the right units at the right time and ensures that there are no redundant or neglected elements within the operation. www.dataprotectionofficer.com
  • 8. snapshots Initial PIA Survey with Score www.dataprotectionofficer.com
  • 9. Project register Project Project PIA initial Risk Privacy Manager PIA Risk registration documentation survey mitigation allocation PIA www.dataprotectionofficer.com
  • 10. The lifecycle Project register Project Project PIA initial Risk Privacy Manager PIA Risk registration documentation survey mitigation allocation For more information about implementing Privacy Impact Assessment for your projects please contact: Ben Oguntala Ben.oguntala@dataprotectionofficer.com 07812 039 867 www.dataprotectionofficer.com