Privacy Program Assessment
We work with organizations to review existing privacy programs, considering business goals, financial constraints, and data lifecycle requirements. Guided by a privacy regulation-driven framework, we assess information governance, risk, and compliance functions across premises, public, and private cloud environments. This assessment focuses on consent management, individual rights management, and discovery through a review of existing governance, controls, and processes. Prioritized program enhancement recommendations are provided to security leaders post-results.
Data Privacy Discovery Assessment
Understand your sensitive data exposure. Cloud environments increase the locations where sensitive data can be exposed, generating risk. We help organizations identify and map sensitive data associated with privacy risk. A selection of automated tools identify data exposure across the organization, including on-premises, cloud Infrastructure-as-a-Service (IaaS), and Software-as-a-Service (SaaS) environments. Customers receive a prioritized recommendation roadmap outlining exposed data, risk reduction strategies, security control revisions, and further automation opportunities.
Privacy Impact Assessment
Data controllers are obligated to ensure sufficient safeguards are in place when handling or collecting protected data. Assessments help organizations understand and manage risk while fostering compliance when developing, updating, or procuring new programs, technologies, or systems that handle or collect PII. Our privacy impact assessment considers regulatory compliance across the entire data lifecycle. Areas assessed include access and security, monitoring and breach notifications, notice and consent management, and privacy by design.