Data Privacy
Services and Solutions
Privacy and Security Gap Assessments
Policies and procedures review
Data flow, inventory and locations mapping
Controls evaluation to standards
Risk assessment
Findings and recommendations report
Effective knowledge transfer
Privacy and Security Program Establishment
Design governance infrastructure and roles and responsibilities and assist in kicking off program
Define risk management and controls framework
Develop policies and procedures
Develop and deliver training
Design program monitoring
Obtain executive and board commitment
Third Party Due Diligence and Management
Pre-contract due diligence and contract requirements
Cloud services (use cases) policy and guidance
Managed security services – build vs. buy guidance
Provide third party management policy around due diligence, contracting, and ongoing monitoring
Privacy-by-Design
Privacy Impact Assessments during product design to inform privacy notice, requirements, and controls
Privacy engineering (SDLC) policy and training for project managers and developers
E.g. big data, mobile apps, IoT, websites, health care applications: where Personal Information is collected
Expert Privacy Consulting Services
Build and or maintain Privacy Notice
Privacy-by-Design guidance
Data flow, inventory and locations mapping
Comprehensive controls evaluation • Risk assessment
Develop policies and procedures
Deliver user, developer, and management training
Cross border transfer rules guidance
Support business development by helping respond to third party due diligence requests
Conduct due diligence on third parties
Audit preparation
Support Hiring and Development
Source and interview CPO / CISO candidates
Train and mentor internal candidates