IVI Framework Viewer

Management and Oversight

Governance and oversight for personal data handling.

Capability Building Blocks

A1Strategy and Governance
Design, develop, and maintain policies and controls for protecting personal data that comply with relevant regulations and laws, and that align with the organization's business model and objectives.
A2Supplier Management
Select suppliers that are committed to observing the organization's personal data protection obligations, and manage supplier compliance with them.
A3Monitoring, Reporting, and Enforcement
Establish appropriate measures for monitoring and reporting of non-compliance with personal data protection policies and of the remedial actions taken. Drive improvements based on lessons learned from incidents and near-incidents.