Management and Oversight
Governance and oversight for personal data handling.
Capability Building Blocks
- A1Strategy and Governance
- Design, develop, and maintain policies and controls for protecting personal data that comply with relevant regulations and laws, and that align with the organization's business model and objectives.
- A2Supplier Management
- Select suppliers that are committed to observing the organization's personal data protection obligations, and manage supplier compliance with them.
- A3Monitoring, Reporting, and Enforcement
- Establish appropriate measures for monitoring and reporting of non-compliance with personal data protection policies and of the remedial actions taken. Drive improvements based on lessons learned from incidents and near-incidents.