© 2018 IDERA, Inc. All rights reserved.
BUSINESS PROCESSES TO COMPLIANCE PROCEDURES
Presented by Kim Brushaber, Senior Product Manager, IDERA
“A jury consists of twelve persons chosen to decide who has the better lawyer.”
- Robert Frost
BUSINESS JARGON VS TECHNICAL JARGON
JARGON – BUSINESS VS TECHNICAL VS LEGAL
BUSINESS JARGON TECHNICAL JARGON LEGAL JARGON
OBJECTIVES FOR EACH GROUP
BUSINESS GROUP
▪ Reporting to Stakeholders
▪ Assessing ROI of releases
▪ Identifying PII Data
▪ Defining Business Processes
TECHNICAL GROUP
▪ Software implementations
▪ Database Security
▪ Encryption
▪ Data Masking
LEGAL GROUP
▪ Liability
▪ Addressing regulation concerns
▪ Legal bases covered
▪ Data Protection Policies
OBJECTIVES FOR EACH GROUP
BUSINESS GROUP TECHNICAL GROUP LEGAL GROUP
GETTING THE TEAMS TO WORK TOGETHER
“A lawyer is a person who writes a 10,000 word document and calls it a brief.”
– Franz Kafka
WHY ARE LEGAL TEAMS GETTING MORE INVOLVED?
PRIMARY AREAS OF FOCUS FOR GENERAL COUNSEL
When asked what are the primary areas of focus for the coming 12 months
(selecting all that apply):
▪ 59% - Data privacy and security matters
▪ 49% - Employee compliance training
▪ 40% - Third-party oversight and management
▪ 36% - Changes in regulatory matters
▪ 34% - Bribery and corruption
▪ 19% - Internal investigations
https://consero.com/august-2017-corporate-compliance-ethics-report/
REGULATORY GUIDELINES (NOT ALL INCLUSIVE)
▪ Basel I, II and III (Banking)
▪ CGMP (Goods Manufacturing)
▪ CIS (Security)
▪ DISA/STIG (Security)
▪ FERPA (Family Rights)
▪ FISMA (Federal Agencies)
▪ GLBA (Finance)
▪ GDPR (Data Protection – EU)
▪ HIPAA (Healthcare)
▪ ISO (Security)
▪ NERC CIP (Electricity)
▪ PIPEDA (Data Protection – Canada)
▪ PCI DSS (Payment Cards)
▪ SOX (Accounting and Finance)
GUIDELINES MAY ASK YOU TO:
▪ Be transparent in how data is processed
▪ Collect only the information that is necessary
▪ Keep data accurate and up to date
▪ Keep data for a set amount of time
▪ Process information with adequate security measures in place
▪ Log, audit and monitor your operations and processing systems
▪ Detect and report on data breaches in a timely manner
GDPR AND THE DATA PROTECTION OFFICER (DPO)
GDPR Article 39 states that the DPO’s responsibilities include (but are not
limited to):
▪ Educating the company and employees on compliance requirements
▪ Training staff who are involved in data processing
▪ Conducting audits to ensure compliance and address any issues
▪ Liaison between the company and the GDPR Supervising Authority
▪ Monitoring the impact of data protection efforts
▪ Maintaining comprehensive records on all data processing activities
▪ Interfacing with users to inform them how their data is being used
▪ Creating and updating documentation on data protection policies
▪ Consulting on how to deal with privacy breaches
“28K Data Protection Officers (DPOs) will be needed in the US and EU with as many as 75K needed around the Globe due to GDPR.”
(https://www.reuters.com/article/us-cyber-gdpr-dpo/rise-of-the-data-protection-officer-the-hottest-tech-ticket-in-town-idUSKCN1FY1MY)
DATA SECURITY EXECUTIVE PERSPECTIVE
▪ 90% of CIOs admit to wasting millions on inadequate cybersecurity
▪ 90% of CIOs have already been attacked or expect to be attacked by
bad guys hiding in their encryption
▪ 87% of CIOs believe their security controls are failing to protect their
businesses
▪ 85% of CIOs expect criminal misuse of keys and certificates to get
worse
https://www.venafi.com/assets/pdf/wp/Venafie_2016CIO_SurveyReport.pdf
US DATA BREACHES IN 2017
https://www.idtheftcenter.org/images/breach/2017Breaches/2017AnnualDataBreachYearEndReview.pdf
| Category | # of Breaches | % of Breaches | # of Records | % of Records |
|---|---|---|---|---|
| Banking/Credit/Financial | 134 | 8.5% | 3,122,090 | 1.7% |
| Business | 870 | 55.1% | 163,449,242 | 91.3% |
| Educational | 127 | 8.0% | 1,418,258 | 0.8% |
| Government/Military | 74 | 4.7% | 5,903,448 | 3.3% |
| Medical/Healthcare | 374 | 23.7% | 5,062,031 | 2.8% |
| Total for all Categories | 1579 | 100% | 178,955,069 | 100% |
US DATA BREACHES IN 2018 AS OF 8/22/18
https://www.idtheftcenter.org/wp-content/uploads/2018/08/ITRC-Breach-Stats-Report-YTD-Summary-2018-7J.pdf
| Category | # of Breaches | % of Breaches | # of Records | % of Records |
|---|---|---|---|---|
| Banking/Credit/Financial | 96 | 12.2% | 1,706,080 | 6.2% |
| Business | 361 | 45.8% | 18,069,311 | 66.1% |
| Educational | 56 | 7.1% | 787,868 | 2.9% |
| Government/Military | 63 | 8% | 1,641,479 | 6% |
| Medical/Healthcare | 213 | 27% | 5,113,765 | 18.7% |
| Total for all Categories | 789 | 100% | 27,318,503 | 100% |
DATA BREACH LITIGATION
▪ Lawsuits are filed almost instantaneously upon announcement of a breach
▪ Legal defense costs between $500K and $1M are typical
▪ Regulatory fees and judgments can be extensive
• Target paid $18.5M after a 2013 breach affecting 41M customers
▪ Legal defense works to determine the perceived “injury” and standard of
harm of those affected by the breach (which still varies wildly)
• Who was affected and what data was breached?
▪ Legal defense works on second level issues – class certification,
causation, proof of damages
DATA IN A “LEGAL HOLD” OR “LITIGATION HOLD”
▪ Initiate a legal hold ASAP instructing stakeholders, key employees and
data stewards not to delete or alter their data
▪ Interview data team to understand what data needs to be retained
▪ Interview data team to understand the events under investigation
▪ Make sure that relevant data is preserved (either left in place or archived)
▪ Confirm that processes will not interfere with the preserved data
▪ Create a process to handle the responsibilities of the hold (preparing
information for the legal teams and managing the process)
▪ Track the hold through the process and release it upon completion
INTERNAL INVESTIGATIONS INVOLVING DATA
Amazon is currently investigating claims of employees leaking data for
bribes
• Providing internal sales metrics
• Delivering reviewers’ email addresses
• Deleting negative reviews
• Restoring banned accounts
https://www.cnbc.com/2018/09/17/amazon-investigating-claims-of-employees-leaking-data-for-bribes.html
LEGAL TEAMS NEED TO KNOW
▪ What processes affect data (especially PII data)?
▪ Which systems interact with the data?
▪ What happens to the data out of the company domain?
▪ Who has access to the data?
▪ What are the security policies and protocols?
▪ Are the processes being followed/audited?
▪ In the case of a “legal hold” what information is relevant?
▪ How do you track users accessing/modifying data they shouldn’t be?
“People are getting smarter nowadays; they are letting lawyers, instead of their conscience, be their guide.”
- Will Rogers
HOW CAN YOU START TO ENGAGE YOUR LEGAL TEAM?
DATA IN PICTURES
Business Technical Legal
PICTURES AREN’T JUST WORTH 1000 WORDS
▪ They enhance the story
▪ They communicate a vision
▪ They can be language/jargon agnostic
▪ They clarify the points you are trying to make
▪ They bring everyone onto the same page
So why not use pictures instead of words when describing a business?
BUSINESS PROCESS DIAGRAMS
▪ Business Process Diagrams allow you to tell the story in a language that
all 3 can understand
▪ Once you have started documenting a process, it’s easy to discuss all of
the aspects relating to that item
▪ Each group will see different gaps and holes in the process
▪ Processes can easily be refined to incorporate new input
▪ Processes can be used to educate others in the company
▪ Processes can be used to train new people when they join
SIMPLE ORDER PROCESS
* Business Process Diagram created using IDERA ER/Studio Business Architect
BUSINESS APPLICATIONS
* Business Process Diagram created using IDERA ER/Studio Business Architect
BUSINESS ELEMENTS
* Business Process Diagram created using IDERA ER/Studio Business Architect
TECHNICAL DETAILS
* Business Process Diagram created using IDERA ER/Studio Business Architect
LEGAL CONSIDERATIONS
* Business Process Diagram created using IDERA ER/Studio Business Architect
“Lawyers are seldom loved but often needed.”
- Robert McKay
EXAMPLES OF BUSINESS PROCESS MODELS FOR EVERYONE
DETERMINE WHEN DATA SHOULD BE AVAILABLE
* Business Process Diagram created using IDERA ER/Studio Business Architect
WHO HAS ACCESS TO THE DATA?
* Business Process Diagram created using IDERA ER/Studio Business Architect
HOW DATA IS ARCHIVED
* Business Process Diagram created using IDERA ER/Studio Business Architect
HANDLING PII DATA
* Business Process Diagram created using IDERA ER/Studio Business Architect
ESTABLISHING SECURITY PROTOCOLS
* Business Process Diagram created using IDERA ER/Studio Business Architect
DATA PROTECTION
* Business Process Diagram created using IDERA ER/Studio Business Architect
HOW TO RESPOND TO A BREACH
* Business Process Diagram created using IDERA ER/Studio Business Architect
DATA BREACH NOTIFICATION
* Business Process Diagram created using IDERA ER/Studio Business Architect
DATA COMPLIANCE
* Business Process Diagram created using IDERA ER/Studio Business Architect
IN CONCLUSION
▪ Different parts of the organization need to work together like never before
▪ Data Protection Officers are mandatory for those adhering to GDPR
▪ Regulations, Data Breaches and Litigation Holds require the legal team to
have more active participation with data and how it is processed
▪ As companies continue to acquire more data, the need will not diminish
▪ Business Processes are the pictures that bring everyone (business,
technical, and legal) into alignment
THANKS!
Any questions?
You can find me on Twitter via:
Kim Brushaber
@Brushaber_IDERA
44

More Related Content

What's hot

Navigating the Complex World of Compliance Guidelines
Navigating the Complex World of Compliance GuidelinesNavigating the Complex World of Compliance Guidelines
Navigating the Complex World of Compliance GuidelinesDATAVERSITY
 
CDO - Chief Data Officer Momentum and Trends
CDO - Chief Data Officer Momentum and TrendsCDO - Chief Data Officer Momentum and Trends
CDO - Chief Data Officer Momentum and TrendsJeffrey T. Pollock
 
The Chief Data Officer's Agenda: The Need for Information Governance Controls
The Chief Data Officer's Agenda: The Need for Information Governance ControlsThe Chief Data Officer's Agenda: The Need for Information Governance Controls
The Chief Data Officer's Agenda: The Need for Information Governance ControlsDATAVERSITY
 
The Chief Data Officer Agenda: Metrics for Information and Data Management
The Chief Data Officer Agenda: Metrics for Information and Data ManagementThe Chief Data Officer Agenda: Metrics for Information and Data Management
The Chief Data Officer Agenda: Metrics for Information and Data ManagementDATAVERSITY
 
Talking to your CEO about the Chief Data Officer Role
Talking to your CEO about the Chief Data Officer Role Talking to your CEO about the Chief Data Officer Role
Talking to your CEO about the Chief Data Officer Role Craig Milroy
 
ADV Slides: Data Curation for Artificial Intelligence Strategies
ADV Slides: Data Curation for Artificial Intelligence StrategiesADV Slides: Data Curation for Artificial Intelligence Strategies
ADV Slides: Data Curation for Artificial Intelligence StrategiesDATAVERSITY
 
Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110
Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110
Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110Abed Ajraou
 
Practical steps to GDPR compliance
Practical steps to GDPR compliance Practical steps to GDPR compliance
Practical steps to GDPR compliance Jean-Michel Franco
 
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...TrustArc
 
Metadata Governance for Vocabularies, Dictionaries, and Data
Metadata Governance for Vocabularies, Dictionaries, and DataMetadata Governance for Vocabularies, Dictionaries, and Data
Metadata Governance for Vocabularies, Dictionaries, and DataDATAVERSITY
 
Delivering data governance with a Yes
Delivering data governance with a YesDelivering data governance with a Yes
Delivering data governance with a YesJean-Michel Franco
 
Why You Need to Govern Big Data
Why You Need to Govern Big DataWhy You Need to Govern Big Data
Why You Need to Govern Big DataIBM Analytics
 
DM Radio Webinar: Adopting a Streaming-Enabled Architecture
DM Radio Webinar: Adopting a Streaming-Enabled ArchitectureDM Radio Webinar: Adopting a Streaming-Enabled Architecture
DM Radio Webinar: Adopting a Streaming-Enabled ArchitectureDATAVERSITY
 
Using Machine Learning to Understand and Predict Marketing ROI
Using Machine Learning to Understand and Predict Marketing ROIUsing Machine Learning to Understand and Predict Marketing ROI
Using Machine Learning to Understand and Predict Marketing ROIDATAVERSITY
 
Data Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data IntelligenceData Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data IntelligenceAlation
 
The Disappearing Data Scientist
The Disappearing Data ScientistThe Disappearing Data Scientist
The Disappearing Data ScientistDATAVERSITY
 
Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)Jean-Michel Franco
 
How to Become a Chief Data Officer - The 5 Golden Rules to Achieve Success
 How to Become a Chief Data Officer - The 5 Golden Rules to Achieve Success How to Become a Chief Data Officer - The 5 Golden Rules to Achieve Success
How to Become a Chief Data Officer - The 5 Golden Rules to Achieve SuccessMario Faria
 
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID Inc
 
Does your organization need a Chief Data Officer (CDO) ?
Does your organization need a Chief Data Officer (CDO) ?Does your organization need a Chief Data Officer (CDO) ?
Does your organization need a Chief Data Officer (CDO) ?Mario Faria
 

What's hot (20)

Navigating the Complex World of Compliance Guidelines
Navigating the Complex World of Compliance GuidelinesNavigating the Complex World of Compliance Guidelines
Navigating the Complex World of Compliance Guidelines
 
CDO - Chief Data Officer Momentum and Trends
CDO - Chief Data Officer Momentum and TrendsCDO - Chief Data Officer Momentum and Trends
CDO - Chief Data Officer Momentum and Trends
 
The Chief Data Officer's Agenda: The Need for Information Governance Controls
The Chief Data Officer's Agenda: The Need for Information Governance ControlsThe Chief Data Officer's Agenda: The Need for Information Governance Controls
The Chief Data Officer's Agenda: The Need for Information Governance Controls
 
The Chief Data Officer Agenda: Metrics for Information and Data Management
The Chief Data Officer Agenda: Metrics for Information and Data ManagementThe Chief Data Officer Agenda: Metrics for Information and Data Management
The Chief Data Officer Agenda: Metrics for Information and Data Management
 
Talking to your CEO about the Chief Data Officer Role
Talking to your CEO about the Chief Data Officer Role Talking to your CEO about the Chief Data Officer Role
Talking to your CEO about the Chief Data Officer Role
 
ADV Slides: Data Curation for Artificial Intelligence Strategies
ADV Slides: Data Curation for Artificial Intelligence StrategiesADV Slides: Data Curation for Artificial Intelligence Strategies
ADV Slides: Data Curation for Artificial Intelligence Strategies
 
Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110
Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110
Chief Data Officer Challenges - Be Data Driven - Deloitte conference - 20161110
 
Practical steps to GDPR compliance
Practical steps to GDPR compliance Practical steps to GDPR compliance
Practical steps to GDPR compliance
 
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
Managing Multiple Compliance Priorities - GDPR, CCPA, HIPAA, APEC, ISO 27001,...
 
Metadata Governance for Vocabularies, Dictionaries, and Data
Metadata Governance for Vocabularies, Dictionaries, and DataMetadata Governance for Vocabularies, Dictionaries, and Data
Metadata Governance for Vocabularies, Dictionaries, and Data
 
Delivering data governance with a Yes
Delivering data governance with a YesDelivering data governance with a Yes
Delivering data governance with a Yes
 
Why You Need to Govern Big Data
Why You Need to Govern Big DataWhy You Need to Govern Big Data
Why You Need to Govern Big Data
 
DM Radio Webinar: Adopting a Streaming-Enabled Architecture
DM Radio Webinar: Adopting a Streaming-Enabled ArchitectureDM Radio Webinar: Adopting a Streaming-Enabled Architecture
DM Radio Webinar: Adopting a Streaming-Enabled Architecture
 
Using Machine Learning to Understand and Predict Marketing ROI
Using Machine Learning to Understand and Predict Marketing ROIUsing Machine Learning to Understand and Predict Marketing ROI
Using Machine Learning to Understand and Predict Marketing ROI
 
Data Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data IntelligenceData Catalog as the Platform for Data Intelligence
Data Catalog as the Platform for Data Intelligence
 
The Disappearing Data Scientist
The Disappearing Data ScientistThe Disappearing Data Scientist
The Disappearing Data Scientist
 
Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)Are Your Data Ready for GDPR? (with MAPR and Talend)
Are Your Data Ready for GDPR? (with MAPR and Talend)
 
How to Become a Chief Data Officer - The 5 Golden Rules to Achieve Success
 How to Become a Chief Data Officer - The 5 Golden Rules to Achieve Success How to Become a Chief Data Officer - The 5 Golden Rules to Achieve Success
How to Become a Chief Data Officer - The 5 Golden Rules to Achieve Success
 
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with ITBigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
BigID, OneTrust, IAPP Webinar: Bridging the Privacy Office with IT
 
Does your organization need a Chief Data Officer (CDO) ?
Does your organization need a Chief Data Officer (CDO) ?Does your organization need a Chief Data Officer (CDO) ?
Does your organization need a Chief Data Officer (CDO) ?
 

Similar to Mapping Business Processes to Compliance Procedures

Battle the Dark Side of Data Governance
Battle the Dark Side of Data GovernanceBattle the Dark Side of Data Governance
Battle the Dark Side of Data GovernanceDATAVERSITY
 
Data Architecture - The Foundation for Enterprise Architecture and Governance
Data Architecture - The Foundation for Enterprise Architecture and GovernanceData Architecture - The Foundation for Enterprise Architecture and Governance
Data Architecture - The Foundation for Enterprise Architecture and GovernanceDATAVERSITY
 
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Software
 
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceGeek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceIDERA Software
 
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Investing in Digital Threat Intelligence Management to Protect Your Assets ou...
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...Enterprise Management Associates
 
Geek Sync | Modeling Data Governance
Geek Sync | Modeling Data GovernanceGeek Sync | Modeling Data Governance
Geek Sync | Modeling Data GovernanceIDERA Software
 
Strategic imperative the enterprise data model
Strategic imperative the enterprise data modelStrategic imperative the enterprise data model
Strategic imperative the enterprise data modelDATAVERSITY
 
Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionMike Wons
 
GDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallGDPR Complaince: Don't Let SIEM BE Your Downfall
GDPR Complaince: Don't Let SIEM BE Your DownfallSplunk
 
GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?GDPR: Is Your Organization Ready for the General Data Protection Regulation?
GDPR: Is Your Organization Ready for the General Data Protection Regulation?DATUM LLC
 
2019 08-21 Automating Privacy Management
2019 08-21 Automating Privacy Management2019 08-21 Automating Privacy Management
2019 08-21 Automating Privacy ManagementTrustArc
 
Why Your Data Management Strategy Isn't Working (and How to Fix It)
Why Your Data Management Strategy Isn't Working (and How to Fix It)Why Your Data Management Strategy Isn't Working (and How to Fix It)
Why Your Data Management Strategy Isn't Working (and How to Fix It)DATAVERSITY
 
Business Value Metrics for Data Governance
Business Value Metrics for Data GovernanceBusiness Value Metrics for Data Governance
Business Value Metrics for Data GovernanceDATAVERSITY
 
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]TrustArc
 
The future of FinTech product using pervasive Machine Learning automation - A...
The future of FinTech product using pervasive Machine Learning automation - A...The future of FinTech product using pervasive Machine Learning automation - A...
The future of FinTech product using pervasive Machine Learning automation - A...Shift Conference
 
Getting Started with Data Governance? Use Process Models!
Getting Started with Data Governance? Use Process Models!Getting Started with Data Governance? Use Process Models!
Getting Started with Data Governance? Use Process Models!DATAVERSITY
 
Designing a Successful Governed Citizen Data Science Strategy
Designing a Successful Governed Citizen Data Science StrategyDesigning a Successful Governed Citizen Data Science Strategy
Designing a Successful Governed Citizen Data Science StrategyDATAVERSITY
 
Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...Shift from GDPR readiness to sustained compliance to improve your business an...
Shift from GDPR readiness to sustained compliance to improve your business an...ForgeRock
 
Data Natives meets DataRobot | "Build and deploy an anti-money laundering mo...
Data Natives meets DataRobot |  "Build and deploy an anti-money laundering mo...Data Natives meets DataRobot |  "Build and deploy an anti-money laundering mo...
Data Natives meets DataRobot | "Build and deploy an anti-money laundering mo...Dataconomy Media
 

Similar to Mapping Business Processes to Compliance Procedures (20)

Battle the Dark Side of Data Governance
Battle the Dark Side of Data GovernanceBattle the Dark Side of Data Governance
Battle the Dark Side of Data Governance
 
Data Architecture - The Foundation for Enterprise Architecture and Governance
Data Architecture - The Foundation for Enterprise Architecture and GovernanceData Architecture - The Foundation for Enterprise Architecture and Governance
Data Architecture - The Foundation for Enterprise Architecture and Governance
 
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Pre...
 
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and GovernanceGeek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
Geek Sync | Tackling Key GDPR Challenges with Data Modeling and Governance
 
Investing in Digital Threat Intelligence Management to Protect Your Assets ou...

Mapping Business Processes to Compliance Procedures

  • 1. © 2018 IDERA, Inc. All rights reserved. BUSINESS PROCESSES TO COMPLIANCE PROCEDURES Presented by Kim Brushaber, Senior Product Manager, IDERA
  • 2. “A jury consists of twelve persons chosen to decide who has the better lawyer.” - Robert Frost
  • 3. BUSINESS JARGON VS TECHNICAL JARGON
  • 4. JARGON – BUSINESS VS TECHNICAL VS LEGAL
      BUSINESS JARGON | TECHNICAL JARGON | LEGAL JARGON
  • 5. OBJECTIVES FOR EACH GROUP
      BUSINESS GROUP
      ▪ Reporting to Stakeholders
      ▪ Assessing ROI of releases
      ▪ Identifying PII Data
      ▪ Defining Business Processes
      TECHNICAL GROUP
      ▪ Software implementations
      ▪ Database Security
      ▪ Encryption
      ▪ Data Masking
      LEGAL GROUP
      ▪ Liability
      ▪ Addressing regulation concerns
      ▪ Legal bases covered
      ▪ Data Protection Policies
  • 6. OBJECTIVES FOR EACH GROUP
      BUSINESS GROUP | TECHNICAL GROUP | LEGAL GROUP
  • 7. GETTING THE TEAMS TO WORK TOGETHER
  • 8. “A lawyer is a person who writes a 10,000 word document and calls it a brief.” – Franz Kafka
  • 9. WHY ARE LEGAL TEAMS GETTING MORE INVOLVED?
  • 10. PRIMARY AREAS OF FOCUS FOR GENERAL COUNSEL
      When asked what are the primary areas of focus for the coming 12 months (selecting all that apply):
      ▪ 59% - Data privacy and security matters
      ▪ 49% - Employee compliance training
      ▪ 40% - Third-party oversight and management
      ▪ 36% - Changes in regulatory matters
      ▪ 34% - Bribery and corruption
      ▪ 19% - Internal investigations
      https://consero.com/august-2017-corporate-compliance-ethics-report/
  • 11. REGULATORY GUIDELINES (NOT ALL INCLUSIVE)
      ▪ Basel I, II and III (Banking)
      ▪ CGMP (Goods Manufacturing)
      ▪ CIS (Security)
      ▪ DISA/STIG (Security)
      ▪ FERPA (Family Rights)
      ▪ FISMA (Federal Agencies)
      ▪ GLBA (Finance)
      ▪ GDPR (Data Protection – EU)
      ▪ HIPAA (Healthcare)
      ▪ ISO (Security)
      ▪ NERC CIP (Electricity)
      ▪ PIPEDA (Data Protection – Canada)
      ▪ PCI DSS (Payment Cards)
      ▪ SOX (Accounting and Finance)
  • 12. GUIDELINES MAY ASK YOU TO:
      ▪ Be transparent in how data is processed
      ▪ Collect only the information that is necessary
      ▪ Keep data accurate and up to date
      ▪ Keep data for a set amount of time
      ▪ Process information with adequate security measures in place
      ▪ Log, audit and monitor your operations and processing systems
      ▪ Detect and report on data breaches in a timely manner
  • 13. GDPR AND THE DATA PROTECTION OFFICER (DPO)
      GDPR Article 39 states that the DPO’s responsibilities include (but are not limited to):
      ▪ Educating the company and employees on compliance requirements
      ▪ Training staff who are involved in data processing
      ▪ Conducting audits to ensure compliance and address any issues
      ▪ Liaison between the company and the GDPR Supervising Authority
      ▪ Monitoring the impact of data protection efforts
      ▪ Maintaining comprehensive records on all data processing activities
      ▪ Interfacing with users to inform them how their data is being used
      ▪ Creating and updating documentation on data protection policies
      ▪ Consulting on how to deal with privacy breaches
  • 14. “28K Data Protection Officers (DPOs) will be needed in the US and EU with as many as 75K needed around the Globe due to GDPR.”
      (https://www.reuters.com/article/us-cyber-gdpr-dpo/rise-of-the-data-protection-officer-the-hottest-tech-ticket-in-town-idUSKCN1FY1MY)
  • 15. DATA SECURITY EXECUTIVE PERSPECTIVE
      ▪ 90% of CIOs admit to wasting millions on inadequate cybersecurity
      ▪ 90% of CIOs have already been attacked or expect to be attacked by bad guys hiding in their encryption
      ▪ 87% of CIOs believe their security controls are failing to protect their businesses
      ▪ 85% of CIOs expect criminal misuse of keys and certificates to get worse
      https://www.venafi.com/assets/pdf/wp/Venafie_2016CIO_SurveyReport.pdf
  • 16. US DATA BREACHES IN 2017
      https://www.idtheftcenter.org/images/breach/2017Breaches/2017AnnualDataBreachYearEndReview.pdf
      Category | # of Breaches | % of Breaches | # of Records | % of Records
      Banking/Credit/Financial | 134 | 8.5% | 3,122,090 | 1.7%
      Business | 870 | 55.1% | 163,449,242 | 91.3%
      Educational | 127 | 8.0% | 1,418,258 | .8%
      Government/Military | 74 | 4.7% | 5,903,448 | 3.3%
      Medical/Healthcare | 374 | 23.7% | 5,062,031 | 2.8%
      Total for all Categories | 1579 | 100% | 178,955,069 | 100%
  • 17. US DATA BREACHES IN 2018 AS OF 8/22/18
      https://www.idtheftcenter.org/wp-content/uploads/2018/08/ITRC-Breach-Stats-Report-YTD-Summary-2018-7J.pdf
      Category | # of Breaches | % of Breaches | # of Records | % of Records
      Banking/Credit/Financial | 96 | 12.2% | 1,706,080 | 6.2%
      Business | 361 | 45.8% | 18,069,311 | 66.1%
      Educational | 56 | 7.1% | 787,868 | 2.9%
      Government/Military | 63 | 8% | 1,641,479 | 6%
      Medical/Healthcare | 213 | 27% | 5,113,765 | 18.7%
      Total for all Categories | 789 | 100% | 27,318,503 | 100%
  • 18. DATA BREACH LITIGATION
      ▪ Lawsuits are filed almost instantaneously upon announcement of a breach
      ▪ Legal defense costs between $500K and $1M are typical
      ▪ Regulatory fees and judgments can be extensive
          • Target paid $18.5M after a 2013 breach affecting 41M customers
      ▪ Legal defense works to determine the perceived “injury” and standard of harm of those affected by the breach (which still varies wildly)
          • Who was affected and what data was breached?
      ▪ Legal defense works on second level issues – class certification, causation, proof of damages
  • 19. DATA IN A “LEGAL HOLD” OR “LITIGATION HOLD”
      ▪ Initiate a legal hold ASAP instructing stakeholders, key employees and data stewards not to delete or alter their data
      ▪ Interview data team to understand what data needs to be retained
      ▪ Interview data team to understand the events under investigation
      ▪ Make sure that relevant data is preserved (either left in place or archived)
      ▪ Confirm that processes will not interfere with the preserved data
      ▪ Create a process to handle the responsibilities of the hold (preparing information for the legal teams and managing the process)
      ▪ Tracking the hold through the process and releasing it upon completion
  • 20. INTERNAL INVESTIGATIONS INVOLVING DATA
      Amazon is currently investigating claims of employees leaking data for bribes
          • Providing internal sales metrics
          • Delivering reviewers’ email addresses
          • Deleting negative reviews
          • Restoring banned accounts
      https://www.cnbc.com/2018/09/17/amazon-investigating-claims-of-employees-leaking-data-for-bribes.html
  • 21. LEGAL TEAMS NEED TO KNOW
      ▪ What processes affect data (especially PII data)?
      ▪ Which systems interact with the data?
      ▪ What happens to the data out of the company domain?
      ▪ Who has access to the data?
      ▪ What are the security policies and protocols?
      ▪ Are the processes being followed/audited?
      ▪ In the case of a “legal hold” what information is relevant?
      ▪ How do you track users accessing/modifying data they shouldn’t be?
  • 22. “People are getting smarter nowadays; they are letting lawyers, instead of their conscience, be their guide.” - Will Rogers
  • 23. HOW CAN YOU START TO ENGAGE YOUR LEGAL TEAM?
  • 24. DATA IN PICTURES
      Business | Technical | Legal
  • 25. PICTURES AREN’T JUST WORTH 1000 WORDS
      ▪ They enhance the story
      ▪ They communicate a vision
      ▪ They can be language/jargon agnostic
      ▪ They clarify the points you are trying to make
      ▪ They bring everyone onto the same page
      So why not use pictures instead of words when describing a business?
  • 26. BUSINESS PROCESS DIAGRAMS
      ▪ Business Process Diagrams allow you to tell the story in a language that all 3 can understand
      ▪ Once you have started documenting a process, it’s easy to discuss all of the aspects relating to that item
      ▪ Each group will see different gaps and holes in the process
      ▪ Processes can easily be refined to incorporate new input
      ▪ Processes can be used to educate others in the company
      ▪ Processes can be used to train new people when they join
  • 27. SIMPLE ORDER PROCESS * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 28. BUSINESS APPLICATIONS * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 29. BUSINESS ELEMENTS * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 30. TECHNICAL DETAILS * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 31. LEGAL CONSIDERATIONS * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 32. “Lawyers are seldom loved but often needed.” - Robert McKay
  • 33. EXAMPLES OF BUSINESS PROCESS MODELS FOR EVERYONE
  • 34. DETERMINE WHEN DATA SHOULD BE AVAILABLE * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 35. WHO HAS ACCESS TO THE DATA? * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 36. HOW DATA IS ARCHIVED * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 37. HANDLING PII DATA * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 38. ESTABLISHING SECURITY PROTOCOLS * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 39. DATA PROTECTION * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 40. HOW TO RESPOND TO A BREACH * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 41. DATA BREACH NOTIFICATION * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 42. DATA COMPLIANCE * Business Process Diagram created using IDERA ER/Studio Business Architect
  • 43. IN CONCLUSION
      ▪ Different parts of the organization need to work together like never before
      ▪ Data Protection Officers are mandatory for those adhering to GDPR
      ▪ Regulations, Data Breaches and Litigation Holds require the legal team to have more active participation with data and how it is processed
      ▪ As companies continue to acquire more data, the need will not diminish
      ▪ Business Processes are the pictures that bring everyone (business, technical, and legal) into alignment
  • 44. THANKS! Any questions? You can find me on Twitter via: Kim Brushaber @Brushaber_IDERA