SlideShare a Scribd company logo

Gdpr and compliance framework

Download as PPTX, PDF
G
Goher Mohammad

Some ideas on structuring Jira Issue type to manage GSPR and IT Compliance

Technology
1 of 3
GDPR Mapping framework built into security mapping (being refined) IT System VULN RISK Security Control Data Journey Data Touches Has VULN Has RISK Risk Reduced By Data Source Threat Model Security Goal meets Business Goal Helps meet Project Mitigates Has RISK Used in identifies
Proposed Policy Relationship Schema in Jira ISO27001* Policy RISK Vuln GDPR* mitigates PCI* Brand GRC* IT System Brand GRC* Brand GRC* Brand GRC* Ismitigatedby Compliancemetby Compliesto Group GRC* Has policy Policy covers Covers Is covered by Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created.
Proposed Policy Relationship Schema in Jira v2 ISO27001* Policy RISK Vuln GDPR* mitigates PCI* IT System Is mitigated by Compliance met by Complies to Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created. Security Control Meets Is met by Security Goal Meets Is met by

Recommended

New security solutions for next generation of IT
New security solutions for next generation of ITNew security solutions for next generation of IT
New security solutions for next generation of ITDATA SECURITY SOLUTIONS
 
Fisma compliance solutions @ cdg.io
Fisma compliance solutions @ cdg.ioFisma compliance solutions @ cdg.io
Fisma compliance solutions @ cdg.ioCyberGroup
 
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...Cloud Security Alliance Lviv Chapter
 
June 2016 EMEA Netskope Cloud Report
June 2016 EMEA Netskope Cloud Report June 2016 EMEA Netskope Cloud Report
June 2016 EMEA Netskope Cloud Report Netskope
 
How to incorporate data classification capabilities within your application
How to incorporate data classification capabilities within your applicationHow to incorporate data classification capabilities within your application
How to incorporate data classification capabilities within your applicationMicrosoft Tech Community
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsYusuf Hadiwinata Sutandar
 
Software Supply Chain Observability with Grafeas and Kritis
Software Supply Chain Observability with Grafeas and KritisSoftware Supply Chain Observability with Grafeas and Kritis
Software Supply Chain Observability with Grafeas and KritisAysylu Greenberg
 
Shift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXShift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXNGINX, Inc.
 

Recommended

New security solutions for next generation of IT
New security solutions for next generation of ITNew security solutions for next generation of IT
New security solutions for next generation of ITDATA SECURITY SOLUTIONS
 
Fisma compliance solutions @ cdg.io
Fisma compliance solutions @ cdg.ioFisma compliance solutions @ cdg.io
Fisma compliance solutions @ cdg.ioCyberGroup
 
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...Cloud Security Alliance Lviv Chapter
 
June 2016 EMEA Netskope Cloud Report
June 2016 EMEA Netskope Cloud Report June 2016 EMEA Netskope Cloud Report
June 2016 EMEA Netskope Cloud Report Netskope
 
How to incorporate data classification capabilities within your application
How to incorporate data classification capabilities within your applicationHow to incorporate data classification capabilities within your application
How to incorporate data classification capabilities within your applicationMicrosoft Tech Community
 
Biznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsBiznet GIO National Seminar on Digital Forensics
Biznet GIO National Seminar on Digital ForensicsYusuf Hadiwinata Sutandar
 
Software Supply Chain Observability with Grafeas and Kritis
Software Supply Chain Observability with Grafeas and KritisSoftware Supply Chain Observability with Grafeas and Kritis
Software Supply Chain Observability with Grafeas and KritisAysylu Greenberg
 
Shift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXShift Left for More Secure Apps with F5 NGINX
Shift Left for More Secure Apps with F5 NGINXNGINX, Inc.
 
Security in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualSecurity in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualVMware Tanzu
 
Network Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisitedNetwork Automation Forum
 
Engineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceEngineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceQAware GmbH
 
Cloud control fitness - GRC202 - AWS re:Inforce 2019
Cloud control fitness - GRC202 - AWS re:Inforce 2019 Cloud control fitness - GRC202 - AWS re:Inforce 2019
Cloud control fitness - GRC202 - AWS re:Inforce 2019 Amazon Web Services
 
Building Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBuilding Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBoyan Dimitrov
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...PaaSword EU Project
 
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdf
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfCNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdf
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfLibbySchulze
 
BigID Data Sheet: Smart Data Labeling and Tagging
BigID Data Sheet: Smart Data Labeling and TaggingBigID Data Sheet: Smart Data Labeling and Tagging
BigID Data Sheet: Smart Data Labeling and TaggingBigID Inc
 
BigID's Smart Data Labeling and Tagging
BigID's Smart Data Labeling and TaggingBigID's Smart Data Labeling and Tagging
BigID's Smart Data Labeling and TaggingDimitri Sirota
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Bitglass
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402vrij
 
Open Source Compliance Toolchain - A Proposal
Open Source Compliance Toolchain - A ProposalOpen Source Compliance Toolchain - A Proposal
Open Source Compliance Toolchain - A ProposalShane Coughlan
 
AEM DataLayer IMMERSE 2017 Presentation by Dan Klco
AEM DataLayer IMMERSE 2017 Presentation by Dan KlcoAEM DataLayer IMMERSE 2017 Presentation by Dan Klco
AEM DataLayer IMMERSE 2017 Presentation by Dan KlcoDaniel Klco
 
DLP
DLPDLP
DLPsaurabh.sood
 
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...Vignesh Ganesan I Microsoft MVP
 
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docxgerardkortney
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information securityElkanouni Mohamed
 
Importance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesImportance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesSEEBURGER
 
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...Puppet
 
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....rightmanforbloodline
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 

More Related Content

Similar to Gdpr and compliance framework

Security in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualSecurity in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualVMware Tanzu
 
Network Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisitedNetwork Automation Forum
 
Engineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceEngineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceQAware GmbH
 
Cloud control fitness - GRC202 - AWS re:Inforce 2019
Cloud control fitness - GRC202 - AWS re:Inforce 2019 Cloud control fitness - GRC202 - AWS re:Inforce 2019
Cloud control fitness - GRC202 - AWS re:Inforce 2019 Amazon Web Services
 
Building Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBuilding Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBoyan Dimitrov
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...PaaSword EU Project
 
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdf
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfCNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdf
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfLibbySchulze
 
BigID Data Sheet: Smart Data Labeling and Tagging
BigID Data Sheet: Smart Data Labeling and TaggingBigID Data Sheet: Smart Data Labeling and Tagging
BigID Data Sheet: Smart Data Labeling and TaggingBigID Inc
 
BigID's Smart Data Labeling and Tagging
BigID's Smart Data Labeling and TaggingBigID's Smart Data Labeling and Tagging
BigID's Smart Data Labeling and TaggingDimitri Sirota
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Bitglass
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402vrij
 
Open Source Compliance Toolchain - A Proposal
Open Source Compliance Toolchain - A ProposalOpen Source Compliance Toolchain - A Proposal
Open Source Compliance Toolchain - A ProposalShane Coughlan
 
AEM DataLayer IMMERSE 2017 Presentation by Dan Klco
AEM DataLayer IMMERSE 2017 Presentation by Dan KlcoAEM DataLayer IMMERSE 2017 Presentation by Dan Klco
AEM DataLayer IMMERSE 2017 Presentation by Dan KlcoDaniel Klco
 
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...Vignesh Ganesan I Microsoft MVP
 
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docxgerardkortney
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information securityElkanouni Mohamed
 
Importance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesImportance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesSEEBURGER
 
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...Puppet
 

Similar to Gdpr and compliance framework (20)

Security in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty MutualSecurity in the Hybrid Cloud at Liberty Mutual
Security in the Hybrid Cloud at Liberty Mutual
 
Network Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisitedNetwork Source of Truth and Infrastructure as Code revisited
Network Source of Truth and Infrastructure as Code revisited
 
Engineering Continuous Security and Compliance
Engineering Continuous Security and ComplianceEngineering Continuous Security and Compliance
Engineering Continuous Security and Compliance
 
Cloud control fitness - GRC202 - AWS re:Inforce 2019
Cloud control fitness - GRC202 - AWS re:Inforce 2019 Cloud control fitness - GRC202 - AWS re:Inforce 2019
Cloud control fitness - GRC202 - AWS re:Inforce 2019
 
Building Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBuilding Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWS
 
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
Towards Efficient and Secure Data Storage in Multi-Tenant Cloud-Based CRM Sol...
 
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdf
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdfCNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdf
CNCF Online - Data Protection Guardrails using Open Policy Agent (OPA).pdf
 
BigID Data Sheet: Smart Data Labeling and Tagging
BigID Data Sheet: Smart Data Labeling and TaggingBigID Data Sheet: Smart Data Labeling and Tagging
BigID Data Sheet: Smart Data Labeling and Tagging
 
BigID's Smart Data Labeling and Tagging
BigID's Smart Data Labeling and TaggingBigID's Smart Data Labeling and Tagging
BigID's Smart Data Labeling and Tagging
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402
Gridforum Pierre Guisset Damien Hubaux B Ein Grid 20080402
 
Open Source Compliance Toolchain - A Proposal
Open Source Compliance Toolchain - A ProposalOpen Source Compliance Toolchain - A Proposal
Open Source Compliance Toolchain - A Proposal
 
AEM DataLayer IMMERSE 2017 Presentation by Dan Klco
AEM DataLayer IMMERSE 2017 Presentation by Dan KlcoAEM DataLayer IMMERSE 2017 Presentation by Dan Klco
AEM DataLayer IMMERSE 2017 Presentation by Dan Klco
 
DLP
DLPDLP
DLP
 
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...What's new in Security and Compliance in SharePoint , OneDrive for Business &...
What's new in Security and Compliance in SharePoint , OneDrive for Business &...
 
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Co.docx
 
Cobit 5 for information security
Cobit 5 for information securityCobit 5 for information security
Cobit 5 for information security
 
Importance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesImportance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation Initiatives
 
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...
Puppet Camp East, Converting Group Policy settings to Puppet manifests, Shane...
 

Recently uploaded

TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....rightmanforbloodline
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceIES VE
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformWSO2
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaWSO2
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxMarkSteadman7
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityVictorSzoltysek
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)Samir Dash
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingWSO2
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseWSO2
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceWSO2
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringWSO2
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 

Recently uploaded (20)

TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
TEST BANK For Principles of Anatomy and Physiology, 16th Edition by Gerard J....
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Decarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational PerformanceDecarbonising Commercial Real Estate: The Role of Operational Performance
Decarbonising Commercial Real Estate: The Role of Operational Performance
 
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data PlatformLess Is More: Utilizing Ballerina to Architect a Cloud Data Platform
Less Is More: Utilizing Ballerina to Architect a Cloud Data Platform
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Modernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using BallerinaModernizing Legacy Systems Using Ballerina
Modernizing Legacy Systems Using Ballerina
 
Simplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptxSimplifying Mobile A11y Presentation.pptx
Simplifying Mobile A11y Presentation.pptx
 
ChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps ProductivityChatGPT and Beyond - Elevating DevOps Productivity
ChatGPT and Beyond - Elevating DevOps Productivity
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
Quantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation ComputingQuantum Leap in Next-Generation Computing
Quantum Leap in Next-Generation Computing
 
Navigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern EnterpriseNavigating Identity and Access Management in the Modern Enterprise
Navigating Identity and Access Management in the Modern Enterprise
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
API Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governanceAPI Governance and Monetization - The evolution of API governance
API Governance and Monetization - The evolution of API governance
 
Choreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software EngineeringChoreo: Empowering the Future of Enterprise Software Engineering
Choreo: Empowering the Future of Enterprise Software Engineering
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 

Gdpr and compliance framework

  • 1. GDPR Mapping framework built into security mapping (being refined) IT System VULN RISK Security Control Data Journey Data Touches Has VULN Has RISK Risk Reduced By Data Source Threat Model Security Goal meets Business Goal Helps meet Project Mitigates Has RISK Used in identifies
  • 2. Proposed Policy Relationship Schema in Jira ISO27001* Policy RISK Vuln GDPR* mitigates PCI* Brand GRC* IT System Brand GRC* Brand GRC* Brand GRC* Ismitigatedby Compliancemetby Compliesto Group GRC* Has policy Policy covers Covers Is covered by Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created.
  • 3. Proposed Policy Relationship Schema in Jira v2 ISO27001* Policy RISK Vuln GDPR* mitigates PCI* IT System Is mitigated by Compliance met by Complies to Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created. Security Control Meets Is met by Security Goal Meets Is met by