You are currently focusing on the certification. Go to program dashboard.
This Playbook is designed to help you define how data privacy is managed now in your organization -- so that you can identify and prioritize aspects in need of improvement.
Data privacy management is an organization-wide effort. Businesses most often find themselves with reputational damage when they treat data
privacy as purely an IT concern and breaches occur. Positive and supportive ‘tone at the top’ from the board on down is indispensable. Business unit heads must have data privacy management included in their job descriptions and in their Key Performance Indicators (KPIs), which they may cascade down to their senior managers.
With these foundational messages and responsibilities in place, the first step to improving data privacy management capability is to define the current state of that capability; the second step is to revise it where weaknesses are identified.
By developing and maintaining a data inventory and data flow map, an organization gains a clear view of its present state of data privacy
management – a necessary requirement to prepare for improvement. With this knowledge, it can better ensure that it is:
• addressing the factors that support consumer trust in the organization, and
• developing policies and standard operating procedures that support compliance with applicable data privacy laws.
This Playbook provides tools to help you complete this critical first step. Playsheets 1 and 2 support development of the data inventory; playsheets 3
and 4 support development of the data flow map.
Featured in: Data Privacy , Playbooks
Information & Billing:
+1 (602) 234-9278
Principled Performance, Driving Principled Performance, Putting Principles Into Practice, OCEG, GRC360°, ActiveLearning, EventDay and LeanGRC are registered trademarks of OCEG.
Protector Skillset, Protector Mindset, Protector Code, Lines of Accountability, GRC Professional, GRCP, GRC Fundamentals, GRC Auditor, GRCA, GRC Audit Fundamentals, Data Privacy Fundamentals, Integrated Data Privacy Professional, IDPP, Policy Management Fundamentals, Integrated Policy Management Professional, IPMP, Integrated Audit & Assurance Professional, IAAP, Integrated Governance & Oversight Professional, IGOP, Integrated Strategy & Performance Professional, ISPP, Integrated Risk Management Professional, IRMP, Integrated Decision Management Professional, IDMP, Integrated Compliance & Ethics Professional, ICEP, Integrated Business Continuity Professional, IBCP, Integrated Information Security Professional, IISP are trademarks of OCEG.