Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
What to Upload to SlideShare
What to Upload to SlideShare
Loading in …3
×
1 of 18

Building a Strategy customers and Auditors Love

Jul. 11, 2018
1 like 2,459 views

1

Share

Download to read offline

Data & Analytics

How to be Successful in the Post GDPR Landscape – Building a Strategy Customers & Auditors Love

May 25th isn’t the end of a journey, it’s really just the beginning. GDPR is one piece of the compliance puzzle. One of the most important things to remember about GDPR is that it’s not a one off compliance effort. It is a continuous process that will need to be continually evaluated and evolved over time. In order to be successful long term, a strategy must be built across all functions in the organization. Join us to learn how to build a strategy that will help you identify and link GDPR related processes, rules, standards and metrics to your organization's compliance goals and objectives to meet the new regulatory landscape. In this session, Jonathan will highlight how to develop processes and controls to build a strategy that ensure that the information being utilized is compliant, accessible, and manageable. He will conclude with a brief demo of DATUM’s Information Value Management® and share best practices and actionable takeaways to help inspire you to build a strategy both your customers and auditors will love.

Recommended

More Related Content

You Might Also Like

Physical/Network Access Control
Physical/Network Access Control
jwpiccininni
SharePoint 2010 ECM: The Best Practices of Organizing and Finding Information in the Enterprise
SharePoint 2010 ECM: The Best Practices of Organizing and Finding Information...
Corro'll Driskell
Map of the Cloud minefield - Banktech Sydney Summit 17 july 2012
Map of the Cloud minefield - Banktech Sydney Summit 17 july 2012
Livingstone Advisory
Social Media Governance - how it works in organisations
Social Media Governance - how it works in organisations
iGo2 Pty Ltd
White Paper-1-AnalytiX Mapping Manager-Governance And Architecture In Data Integration
White Paper-1-AnalytiX Mapping Manager-Governance And Architecture In Data In...
AnalytixDataServices
4 Security Guidelines for SharePoint Governance
4 Security Guidelines for SharePoint Governance
Imperva
SAP Inside Track Toronto ASUG Ontario 2013 Enterprise Risk Management: Align Goals with Actions
SAP Inside Track Toronto ASUG Ontario 2013 Enterprise Risk Management: Align ...
William Newman
Driving Business Performance with effective Enterprise Information Management
Driving Business Performance with effective Enterprise Information Management
Ray Bachert
Alsup gd13 final
Alsup gd13 final
Mike Alsup
Enterprise Data Governance for Financial Institutions
Enterprise Data Governance for Financial Institutions
Sheldon McCarthy
Data-Ed Online: Unlock Business Value through Reference & MDM
Data-Ed Online: Unlock Business Value through Reference & MDM
DATAVERSITY
Cybersecurity Framework: Where Do We Go From Here?
Cybersecurity Framework: Where Do We Go From Here?
Protiviti
Enterprise Security Architecture
Enterprise Security Architecture
Kris Kimmerle
Information Governance
Information Governance
Lorne Rogers, ECM-M, PMP [Open Networker]
Cff data governance best practices
Cff data governance best practices
Beth Fitzpatrick
Sheila Jeffrey - Well Behaved Data - It's a Matter of Principles
Sheila Jeffrey - Well Behaved Data - It's a Matter of Principles
iasaglobal
Establishing Content Structure & Information Governance in SharePoint
Establishing Content Structure & Information Governance in SharePoint
Nick Inglis
Security review using SABSA
Security review using SABSA
Maganathin Veeraragaloo
Data Audit Approach To Developing An Enterprise Data Strategy
Data Audit Approach To Developing An Enterprise Data Strategy
Alan McSweeney
A Practical Guide To Information Governance
A Practical Guide To Information Governance
Michael Curcio
ISO 9001:2015 webinar Part 3 - UL DQS Inc
ISO 9001:2015 webinar Part 3 - UL DQS Inc
DQS Inc.
7 steps to build an effective corporate compliance strategy
7 steps to build an effective corporate compliance strategy
Maarten BOONEN
7 Steps to Build an Effective Corporate Compliance Strategy
7 Steps to Build an Effective Corporate Compliance Strategy
Maarten Boonen
AMCTO presentation on moving from records managment to information management
AMCTO presentation on moving from records managment to information management
Christopher Wynder
Ecm implementation planning_workshop_hospital_sample
Ecm implementation planning_workshop_hospital_sample
Christopher Wynder
Spire Brief - Risk Consulting
Spire Brief - Risk Consulting
Prashant Jain
Does audit make us more secure
Does audit make us more secure
EnterpriseGRC Solutions, Inc.
Enterprise governance risk_compliance_fcm slides
Enterprise governance risk_compliance_fcm slides
EnterpriseGRC Solutions, Inc.
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Stephanie McVitty
DV 2016: Why Your Organization Needs Data and Analytics Governance
DV 2016: Why Your Organization Needs Data and Analytics Governance
Tealium
meta360 - enterprise data governance and metadata management
meta360 - enterprise data governance and metadata management
Bojana Ciric
Security Basics for Law Firms
Security Basics for Law Firms
Clio - Cloud-Based Legal Technology
Success by integrating risk management in data governance
Success by integrating risk management in data governance
Tejasvi Addagada, CBAP
Security: Enabling the Journey to the Cloud
Security: Enabling the Journey to the Cloud
Capgemini
Enterprise Security Architecture
Enterprise Security Architecture
Priyanka Aash
5 Steps to Prepare for Digital Transformation & Real-Time Analytics
5 Steps to Prepare for Digital Transformation & Real-Time Analytics
DATUM LLC
Ethics Case Study Review_JKostak_APA_Style
Ethics Case Study Review_JKostak_APA_Style
John Kostak
20170323 are you ready the new gdpr is here
20170323 are you ready the new gdpr is here
Richard Hogg,Global GDPR Offerings Evangelist
CISSP - Chapter 2 - Asset Security
CISSP - Chapter 2 - Asset Security
Karthikeyan Dhayalan
Enterprise Security Architecture Design
Enterprise Security Architecture Design
Priyanka Aash

Related Books

Free with a 30 day trial from Scribd

See all
Power Pivot and Power BI: The Excel User's Guide to DAX, Power Query, Power BI & Power Pivot in Excel 2010-2016 Rob Collie
(4.5/5)
Free
Supercharge Excel: When you learn to Write DAX for Power Pivot Matt Allington
(0/5)
Free
Learn to Write DAX: A practical guide to learning Power Pivot for Excel and Power BI Matt Allington
(4/5)
Free
Business Analysis Debra Paul
(4.5/5)
Free
Python Data Science Essentials - Second Edition Boschetti Alberto
(4/5)
Free
Probability, Markov Chains, Queues, and Simulation: The Mathematical Basis of Performance Modeling William J. Stewart
(2/5)
Free
Numerical Methods for Stochastic Computations: A Spectral Method Approach Dongbin Xiu
(5/5)
Free
Data Visualization: a successful design process Andy Kirk
(4/5)
Free
Dynamic Models in Biology Stephen P. Ellner
(4/5)
Free
Agent-Based and Individual-Based Modeling: A Practical Introduction, Second Edition Steven F. Railsback
(4/5)
Free
Outnumbered: From Facebook and Google to Fake News and Filter-bubbles – The Algorithms That Control Our Lives David Sumpter
(5/5)
Free
Data Model Patterns: A Metadata Map David C. Hay
(3/5)
Free
Guerrilla Data Analysis Using Microsoft Excel: 2nd Edition Covering Excel 2010/2013 Oz du Soleil
(3/5)
Free
Python Machine Learning Sebastian Raschka
(4/5)
Free
Mastering Predictive Analytics with R Rui Miguel Forte
(3.5/5)
Free
Network Graph Analysis and Visualization with Gephi Ken Cherven
(5/5)
Free

Building a Strategy customers and Auditors Love

  1. 1. DGIQ 2018 JUNE 13, 2018 How to be Successful in the Post GDPR Landscape – Building a Strategy Customers & Auditors Love Confidential and Proprietary. Copyright© 2018. DATUM LLC
  2. 2. 2 Agenda • Who we are • Compliance Being Compliant AND being Audit Resilient The Data Control Model; Control Elements 4 Steps to a Governance Framework • Building the Governance Framework in Information Value Management Confidential and Proprietary. Copyright© 2018. DATUM LLC
  3. 3. We help the world’s leading organizations identify, organize and use data to solve problems and create opportunities. Confidential and Proprietary. Copyright© 2018. DATUM LLC3
  4. 4. 4 Compliance evolves with capabilities Confidential and Proprietary. Copyright© 2018. DATUM LLC Compliance is the goal, but over time what you want is Audit Resilience Easy, Stress Free, Repeatable, Transparent, Extensible Compliance is about defining the Data Control Model that reduces risk, and creates “Audit Resilience”
  5. 5. Data Control Model 5 Confidential and Proprietary. Copyright© 2018. DATUM LLC Control System Defined: Control Environment • Sets the tone for the organization Risk Assessment • Identification and analysis of relevant risks to the achievement of objectives Information and Communication • Systems or processes that support the identification, capture, and exchange of information Control Activities • Policies and procedures that help ensure management directives are carried out Monitoring-processes • Assess the quality of internal control performance over time. The configuration of the Governance Framework to align impacted data with compliance requirements An Operating Model that ensures accountability and minimizes risk For DATUM a Data Control Model sits within the Control System, and is always: https://www.aicpa.org/
  6. 6. Data Control Model 6 Confidential and Proprietary. Copyright© 2018. DATUM LLC Control Elements: Data is labelled with sufficient metadata to support risk analysis and alignment to larger Control System Elements • Data Catalog / Dictionary have been configured with appropriate metadata labelling to support risk processes Control activities are completely defined • All data in scope is controlled via Rule(s) that are supported by Standards • All Composers have Owners, and Rules have execution Owners (Roles) The controls are exposed and communicated • Reports are configured in Information Value Management Monitoring process exists • Data Quality feature is activated and are monitoring Control Rules 1. Configure Governance Framework 2. Configure Operating Model 3. Identify Control Points 4. Ensure that the Control Points have all control elements implemented Steps to setting up Control Model:
  7. 7. 7 Four Steps to a Governance Framework Confidential and Proprietary. Copyright© 2017. DATUM LLC What are Value Driver Goals ? What Objectives Support Goals? How do I Recognize Success? Start with Business Value!
  8. 8. 8 1. Build out the Goals, Objectives & Metrics to align Value Confidential and Proprietary. Copyright© 2017. DATUM LLC StrategyAction
  9. 9. 9 2. Build the Catalog Confidential and Proprietary. Copyright© 2017. DATUM LLC 2 Catalog Data: Foundational to Managing Data 3 Describe Data: Tag to align with value drivers Identify Data: What are my sources?1 What is the data that matters? If data is not cataloged, it is not governed!
  10. 10. 10 Value emerges… Confidential and Proprietary. Copyright© 2017. DATUM LLC Data Asset: Transaction File dd/mm/yy Purchase $ Purchase Date Purchase SKU Customer Metric Tags Purchase Activity PI Collected Channel = Web Product Category All business processes where customers present must have 95% completion of Customer Metrics StrategyData • Data’s role in supporting business strategies is established • Provides the basis for data’s value as an “Asset”
  11. 11. 11 3. Define Processes Confidential and Proprietary. Copyright© 2017. DATUM LLC Where Is the data; how Is It Used? • E-commerce sites • Marketing functions • Shipping fulfillment • CRM Start with known Business Functions Focus on Core Requirements • What data is where? • What are value drivers? • Who gets the value? • What are standards, controls & metrics
  12. 12. 12 Processes complete alignment of data, people & processes Confidential and Proprietary. Copyright© 2017. DATUM LLC • Identifies business function & Owner • Ensures business alignment to “value” • Addresses order & efficiency objectives StrategyPeople
  13. 13. 13 4. Add Standards & Rules to address control objectives Confidential and Proprietary. Copyright© 2017. DATUM LLC • Standards provide enterprise wide guidance on the implementation of policy • Rules implement Standards at the data level StrategyGovernance
  14. 14. 14 The “Managed” Data Ecosystem Confidential and Proprietary. Copyright© 2017. DATUM LLC Data Aligned • The data required to meet objectives Strategy Driven Business Focused • Measurable Objectives Action Oriented • What people do Managed • The observable, measurable “controls” and metrics; evidence of business impact
  15. 15. 15 Example: GDPR Obligation Management Confidential and Proprietary. Copyright© 2017. DATUM LLC GDPR Compliance Goals Remediation Management Objectives GDPR Obligation Management Processes GDPR Remediation Standard GDPR Risk Management Communication Standards Standards GDPR Task Management GDPR PI Owner Identification GDPR Remediation Log Detail GDPR Communication Template Rules Metrics GDPR Article 12 GDPR Article 18 GDPR Article 19 GDPR Article 16 POLICY
  16. 16. 16 Multiple Frameworks may exist Confidential and Proprietary. Copyright© 2018. DATUM LLC GDPR Case Study For GDPR, a Framework exists for each of the Capability Areas specified in the Best Practices Model Each Framework answers a key question required for Audit Resilience
  17. 17. Benefits of a Governance Framework 17 Confidential and Proprietary. Copyright© 2017. DATUM LLC Clear Line of Site between Compliance & Controls Business Aligned Accountability Easy to Communicate Easy to Defend Audit Defensibility The degree to which the organization is ready to address the demands of an auditor: • Observable • Measureable • Repeatable • Robust • Transparent • Defensible
  18. 18. 18 Information Value Management® 01| Discover where GDPR personal information data lives, who uses it and how it is used. 02| Connect that information to data governance processes. 03| Enable collaboration with all stakeholders across the organization. Confidential and Proprietary. Copyright© 2018. DATUM LLC

×