Privacy Policy Development
We assist organizations by creating and refining privacy policies and procedures and related controls to fit with the regulatory, legal and business environment that impact operational activities. |
Risk Assessments & Privacy Impact Statements
A privacy impact assessment (PIA) is a process used to determine how a program or service could affect the privacy of an individual. A PIA is a way for an organization to state its commitment to protect the privacy of individuals. Our assessments are tailored to each organizations unique risks and business and cost requirements. |
Data Governance / DPR Data Protection Officer:
IaS can assist with defining the role of a DPO and provide support for this critical activity - “The controller and the processor shall ensure that the data protection officer is involved, properly and in a timely manner, in all issues which relate to the protection of personal data.” The DPO should only report directly to the highest level of management at the organization. |
Data Inventory & Classification
IaS works with organizations to prepare a complete inventory of data and where it is stored. We assist in rationalising data about customers, vendors and employees to improve business operations and regulatory compliance. The IaS team can review, refine an organization's data classification policies and procedures to more efficiently comply with regulations, and to derive more value from your data. |
Data Leakage
Data leakage is a key risk and if controls are inadequate, the financial and regulatory consequences to organizations can be devastating. IaS can assist in determining where critical data resides and what data is at risk of intentional or unintentional leaking. We can design a data leakage prevention strategy, programs, technologies and monitoring controls to mitigate the risks. |
Vendor Due Diligence
While many organizations outsource operations, responsibility for this risk cannot be outsourced. Assessing and monitoring vendor's privacy and data management controls is more complex than monitoring one's own. Our professionals have extensive experience advising clients with their vendor programs. |