IVI Framework Viewer

Security, Access Rights, and Risk Management

C1

Establish, identify, and communicate security criteria, access rights controls (based on life-cycle state) and risk criteria for personal data.

Improvement Planning

Practices-Outcomes-Metrics (POM)

Representative POMs are described for Security, Access Rights, and Risk Management at each level of maturity.

1 Initial
  • Practice
    Assess, evaluate, and manage personal data risks.
    Outcome
    Specification, procurement or management tends to be department choice or ad hoc.
  • Practice
    Gather intelligence on threats and vulnerabilities from internal and external sources.
    Outcomes
    • Toolset selection and management is based on preferred vendor recommendations.
    • Resource allocation is local or assigned to resolve issues as needed.
    Metrics
    • # data protection tools in use for data acquisition, and consent agreement capture.
    • # tools available at customer or data subject interfaces.
  • Practice
    Identify, establish, and communicate personal data security criteria and practices to secure the physical environment together with manual and automated data.
    Outcome
    IT and some business units are agreed on the automation levels, tooling, resourcing, and management of security resources.
    Metrics
    • # data protection tools in use for data acquisition, and consent agreement capture.
    • # tools available at customer or data subject interfaces.
  • Practice
    Match access control procedures to data classifications.
    Outcome
    Monitoring is highly automated via standard toolsets and resources are actively managed to improve security and data protection services across the enterprise.
    Metrics
    • # data protection tools in use for data acquisition, and consent agreement capture.
    • # tools available at customer or data subject interfaces.
2 Basic
  • Practice
    Assess, evaluate, and manage personal data risks.
    Outcome
    The specification, procurement, and management of data protection and security tools and resources are continuously reviewed and improved as necessary across the business ecosystem.
    Metric
    # average usage of tools to implement privacy by design in the data life cycles.
  • Practice
    Gather intelligence on threats and vulnerabilities from internal and external sources.
    Outcome
    Data retention policy for personal data (if any) is ad hoc.
  • Practice
    Identify, establish, and communicate personal data security criteria and practices to secure the physical environment together with manual and automated data.
    Outcomes
    • A data retention policy has been drafted.
    • Implementation has started in some business units.
    Metric
    % personal data covered by implemented data retention policies.
  • Practice
    Match access control procedures to personal data classifications.
    Outcomes
    • Data is reviewed and classified at least annually.
    • Suitable retention periods specified against each personal data attribute.
    Metric
    % personal data covered by implemented data retention policies.
3 Intermediate
  • Practice
    Assess, evaluate, and manage personal data risks.
    Outcomes
    • Data is reviewed and classified regularly.
    • Some retention periods specified against each personal data attribute.
    Metric
    % personal data covered by implemented data retention policies.
  • Practice
    Gather intelligence on threats and vulnerabilities from internal and external sources.
    Outcomes
    • Continuously monitored approach to data classification.
    • Retention periods reviewed in line with business strategy and objectives and fully compliant with statutory requirements.
    Metric
    % personal data with retention policies.
  • Practice
    Identify, establish, and communicate personal data security criteria and practices to secure the physical environment together with manual and automated data.
    Outcome
    The destruction of personal data (if any) is ad hoc.
  • Practice
    Match access control procedures to personal data classifications.
    Outcomes
    • A capability to anonymize personal data is in use.
    • Selection for deletion is based on a mix of data age and life cycle stage.
    Metric
    % Media destroyed using commercial or professional techniques.
4 Advanced
  • Practice
    Assess, evaluate, and manage personal data risks.
    Outcome
    Life cycles and metadata clearly identify data that is ready for anonymization or deletion.
    Metric
    % Media destroyed using commercial or professional techniques.
  • Practice
    Gather intelligence on threats and vulnerabilities from internal and external sources.
    Outcome
    Destruction of personal data, and of media (paper and digital) holding personal data, is policy and process compliant across the organization.
    Metric
    % Media destroyed using commercial or professional techniques.
  • Practice
    Identify, establish, and communicate personal data security criteria and practices to secure the physical environment together with manual and automated data.
    Outcomes
    • Personal data removal is effective across the business ecosystem.
    • Systems are in place to prevent the inappropriate restoration of obsolete personal data.
    Metric
    % of end-of-life equipment and paper that is verifiably destroyed across the entire ecosystem.
  • Practice
    Match access control procedures to personal data classifications.
    Outcome
    The destruction of personal data (if any) is ad hoc.
5 Optimized
  • Practice
    Assess, evaluate, and manage personal data risks.
    Outcomes
    • A capability to anonymize personal data is in use.
    • Selection for deletion is based on a mix of data age and life cycle stage.
    Metrics
    • % personal data fields deleted based on life-cycle stage.
    • % personal data fields deleted based on age.
    • % personal data not addressed by a data deletion policy.
  • Practice
    Gather intelligence on threats and vulnerabilities from internal and external sources.
    Outcome
    Life cycles and metadata clearly identify data that is ready for anonymization or deletion.
    Metrics
    • % personal data fields deleted based on life-cycle stage.
    • % personal data fields deleted based on age.
    • % personal data not addressed by a data deletion policy.
  • Practice
    Identify, establish, and communicate personal data security criteria and practices to secure the physical environment together with manual and automated data.
    Outcome
    Destruction of personal data, and of media (paper and digital) holding personal data, is policy and process compliant across the organization.
    Metrics
    • % personal data fields deleted based on life-cycle stage.
    • % personal data fields deleted based on age.
    • % personal data not addressed by a data deletion policy.
  • Practice
    Match access control procedures to personal data classifications.
    Outcomes
    • Personal data removal is effective across the business ecosystem.
    • Systems are in place to prevent the inappropriate restoration of obsolete personal data.
    Metric
    % personal data that is automatically destroyed in line with retention policies.