GM
Uploaded byGoher Mohammad
PPTX, PDF71 views

Gdpr and compliance framework

The document proposes a framework for mapping policies and their relationships to risks, vulnerabilities, compliance standards, security controls, and systems in Jira. This framework includes issue types for policies, risks, vulnerabilities, standards like GDPR and PCI, and systems. It defines relationship types like "mitigates", "is mitigated by", and "complies to" to link these issue types and represent how policies, controls, and standards address risks. Policies will be linked to the single source of truth in the G-Drive repository.

Embed presentation

Download to read offline
GDPR Mapping framework built into security mapping (being refined) IT System VULN RISK Security Control Data Journey Data Touches Has VULN Has RISK Risk Reduced By Data Source Threat Model Security Goal meets Business Goal Helps meet Project Mitigates Has RISK Used in identifies
Proposed Policy Relationship Schema in Jira ISO27001* Policy RISK Vuln GDPR* mitigates PCI* Brand GRC* IT System Brand GRC* Brand GRC* Brand GRC* Ismitigatedby Compliancemetby Compliesto Group GRC* Has policy Policy covers Covers Is covered by Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created.
Proposed Policy Relationship Schema in Jira v2 ISO27001* Policy RISK Vuln GDPR* mitigates PCI* IT System Is mitigated by Compliance met by Complies to Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created. Security Control Meets Is met by Security Goal Meets Is met by

More Related Content

PPTX
New security solutions for next generation of IT
byDATA SECURITY SOLUTIONS
 
PDF
Fisma compliance solutions @ cdg.io
byCyberGroup
 
PDF
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
byCloud Security Alliance Lviv Chapter
 
PDF
June 2016 EMEA Netskope Cloud Report
byNetskope
 
PDF
Maclear’s IT GRC Tools – Key Issues and Trends
byMaclear LLC
 
PPTX
A practical data privacy and security approach to ffiec, gdpr and ccpa
byUlf Mattsson
 
PPTX
Cybersecurity by the numbers
byEoin Keary
 
PDF
Nist cybersecurity framework isc2 quantico
byTuan Phan
 
New security solutions for next generation of IT
byDATA SECURITY SOLUTIONS
 
Fisma compliance solutions @ cdg.io
byCyberGroup
 
Michael Kropyva - Security Compliance For Cloud Providers - Customer`s Perspe...
byCloud Security Alliance Lviv Chapter
 
June 2016 EMEA Netskope Cloud Report
byNetskope
 
Maclear’s IT GRC Tools – Key Issues and Trends
byMaclear LLC
 
A practical data privacy and security approach to ffiec, gdpr and ccpa
byUlf Mattsson
 
Cybersecurity by the numbers
byEoin Keary
 
Nist cybersecurity framework isc2 quantico
byTuan Phan
 

Similar to Gdpr and compliance framework

PDF
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
byTuan Phan
 
PDF
Building an Effective GRC Process with TrustedAgent GRC
byTuan Phan
 
PPTX
Swascan Cyber Security Testing Platform
byPierguido Iezzi
 
PPTX
Swascan brochure-eng
bySWASCAN
 
PPTX
Brochure SWASCAN-ENG On Premise
bySWASCAN
 
PPTX
Swascan brochure-EN
byPierguido Iezzi
 
PPT
EUCI Mapping Cybersecurity to CIP
byScott Baron
 
PPTX
Risk assessments and applying organisational controls for GDPR compliance
byIT Governance Ltd
 
PDF
GovSec ITSRM2 23052019-RomanianConference.pdf
bymorkupelta
 
PDF
SecureGRC: Unification of Security Monitoring and IT-GRC
byxmeteorite
 
PDF
SecureGRC: Unification of Security Monitoring and IT-GRC
byAegify Inc.
 
PDF
Gartner Security & Risk Management Summit Brochure
bytrunko
 
PPTX
Regulated Reactive - Security Considerations for Building Reactive Systems in...
byRyan Hodgin
 
PDF
Rick Borden, Chief Privacy Officer, White & Williams LLP - #InfoGov17 - Cyber...
byARMA International
 
PPTX
325838924-Splunk-Use-Case-Framework-Introduction-Session
byRyan Faircloth
 
PPTX
A Framework for Developing and Operationalizing Security Use Cases
byRyan Faircloth
 
PDF
Brochure swascan ENG
bySWASCAN
 
PDF
Introduction to NIST Cybersecurity Framework
byTuan Phan
 
PPTX
Cyber Tekes Safety and Security programme 2013
byTurvallisuus2013
 
PPTX
CrossIdeas Roadshow IBM IAM Governance Andrea Rossi
byIBM Sverige
 
NIST Cybersecurity Framework Intro for ISACA Richmond Chapter
byTuan Phan
 
Building an Effective GRC Process with TrustedAgent GRC
byTuan Phan
 
Swascan Cyber Security Testing Platform
byPierguido Iezzi
 
Swascan brochure-eng
bySWASCAN
 
Brochure SWASCAN-ENG On Premise
bySWASCAN
 
Swascan brochure-EN
byPierguido Iezzi
 
EUCI Mapping Cybersecurity to CIP
byScott Baron
 
Risk assessments and applying organisational controls for GDPR compliance
byIT Governance Ltd
 
GovSec ITSRM2 23052019-RomanianConference.pdf
bymorkupelta
 
SecureGRC: Unification of Security Monitoring and IT-GRC
byxmeteorite
 
SecureGRC: Unification of Security Monitoring and IT-GRC
byAegify Inc.
 
Gartner Security & Risk Management Summit Brochure
bytrunko
 
Regulated Reactive - Security Considerations for Building Reactive Systems in...
byRyan Hodgin
 
Rick Borden, Chief Privacy Officer, White & Williams LLP - #InfoGov17 - Cyber...
byARMA International
 
325838924-Splunk-Use-Case-Framework-Introduction-Session
byRyan Faircloth
 
A Framework for Developing and Operationalizing Security Use Cases
byRyan Faircloth
 
Brochure swascan ENG
bySWASCAN
 
Introduction to NIST Cybersecurity Framework
byTuan Phan
 
Cyber Tekes Safety and Security programme 2013
byTurvallisuus2013
 
CrossIdeas Roadshow IBM IAM Governance Andrea Rossi
byIBM Sverige
 

Recently uploaded

PDF
Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]
byHaim Michael
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PDF
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
PDF
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
PDF
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
PDF
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
PDF
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
PDF
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
PDF
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
PDF
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PPTX
NTG - Data Center Management System Software
byMustafa Kuğu
 
PPTX
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 
Getting Started with Apache Spark: Big Data Made Simple [Free Meetup]
byHaim Michael
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
React Mastery: Visual Mental Models to Understand React Deeply
byThomas Gaye
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
Adapt.com Seed Fundraising Deck | The AI Computer for Business
byashley459565
 
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
Startup Formation Collapses While Acquisition Activity Hits New High!
byMemoori
 
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
Title Installing Windows, Linux, MacOS.pdf
byGeraldAbadajos
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
NTG - Data Center Management System Software
byMustafa Kuğu
 
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Website Redesign Vs Website Refresh, What’s Right for You in 2026?
byAnuj Kumar Singh
 

Gdpr and compliance framework

  • 1.
    GDPR Mapping frameworkbuilt into security mapping (being refined) IT System VULN RISK Security Control Data Journey Data Touches Has VULN Has RISK Risk Reduced By Data Source Threat Model Security Goal meets Business Goal Helps meet Project Mitigates Has RISK Used in identifies
  • 2.
    Proposed Policy RelationshipSchema in Jira ISO27001* Policy RISK Vuln GDPR* mitigates PCI* Brand GRC* IT System Brand GRC* Brand GRC* Brand GRC* Ismitigatedby Compliancemetby Compliesto Group GRC* Has policy Policy covers Covers Is covered by Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created.
  • 3.
    Proposed Policy RelationshipSchema in Jira v2 ISO27001* Policy RISK Vuln GDPR* mitigates PCI* IT System Is mitigated by Compliance met by Complies to Policy issuetype links via hyperlink to G-Drive policy repository as single ‘source of truth’. Confluence also linked via hyperlink to G-Drive for policies for consistency * Issuetypes to be yet created. Security Control Meets Is met by Security Goal Meets Is met by