DATA RISK MANAGEMENT HEALTH CHECK
The last twenty years have seen the emergence of the internet and mobile devices, together with exponential growth in data complexity, veracity and volume. Legislation governing the protection and privacy of consumers' personal data, devised in the infancy of the internet and predating mobile devices and big data, is now outdated and is being dramatically updated across the globe to help improve the rights of individuals in a modern digital, mobile age.
New and pending legislation is now forcing companies to take data management, and its impact on the protection and privacy of an individual's data, increasingly seriously. With data borders no longer confined to geographical locations and potential fines increasing dramatically, companies can no longer ignore, or plead ignorance of, failures in the way they collect data and manage its risk.
Increased powers mean that regulators can require companies to show how they are complying with legislation and to demonstrate the mechanics and systems they have in place to achieve compliance. Failure to meet obligations can now result in significant fines, potentially totalling millions of dollars, with immeasurable levels of reputational damage caused by control failure.
It is becoming a standard cost of business for companies to demonstrate to their Executive boards and regulatory authorities alike that they have effectively designed, implemented and maintained Data Risk Management practices and controls that comply with specific Data Protection and Data Privacy legislation in the territories where they collect and use consumer data.
An independent data risk management review process can be a time-consuming and expensive exercise, and often fails to deliver clear insights into compliance gaps or to provide the actionable business intelligence needed to make necessary improvements to your Data Risk Management practices.
Regulated entities need to have a robust framework for regularly monitoring the effectiveness of their Data Risk Management practices to assess whether they have implemented controls that are fit for purpose and are operating effectively.
What is the Data Risk Management Health Check?
The Data Risk Management Health Check solution is an online platform dedicated to controls assurance. It provides a structured framework for conducting independent reviews to assess the design and operational effectiveness of your Data Risk Management practices in meeting your organisation's obligations under the Data Protection and Data Privacy legislation in any geography or jurisdiction in which you collect and use consumer data.
After the assessment has been completed for each compliance obligation, users can create executive summary reports directly from the platform, highlighting the key observations, findings and recommendations, as well as actions, issues and risks identified during the review process. The Data Risk Management Health Check will be your Chief Data Officer's, Data Compliance Officer's and Data Stewards' key tool in managing your and their personal liabilities for data risk.
The Data Risk Management Health Check platform also contains rich data analytics that provide actionable business intelligence, including: real-time operational dashboards for tracking open and outstanding actions, issues and risks; and interactive reports which can slice and dice audit data in many ways, including drilling into particular areas of interest and benchmarking audit outcomes across different timeframes, data owners and stewards, divisions and countries. It can even summarise on a single page the compliance status across hundreds of compliance obligations.
How it works – get started in 4 easy steps
Helping you meet your compliance challenges
The management of data across your enterprise will typically follow some form or blend of data-industry-recognised framework (e.g. DMBOK, CMMI, DCAM), each of which has been created specifically to help you ensure that you have covered all the data-related disciplines needed for competent data management (e.g. Data Architecture, Master and Reference Data Management, and Data Lineage).
Ensuring the practices you have implemented enable you to meet all of your legislative and prudential obligations for appropriately managing data and its risk is an entirely different challenge and one that has not traditionally been inherent in industry frameworks because of the previous lack of regulatory attention.
Data risk management is a uniquely challenging space. It requires your operational risk, compliance and internal audit teams to understand data management and data risk, and your data owners and stewards to consider risk and controls around data; both aspects are typically unfamiliar and challenging to the normal day-to-day work of both functions. The Data Risk Management Health Check is designed to support both sides of this challenge, helping risk and compliance teams more easily get to grips with data and data management practices, and data managers get to grips with risk and control management.
Data management practices themselves are not targeted to specific legislative or prudential obligations and will need to be tested to ensure compliance, usually against one or more obligations. For example, testing data lineage should help you identify whether you have potential gaps in your compliance with GDPR (General Data Protection Regulation, Regulation (EU) 2016/679) and whether the classification of your Financial Assets is correct in line with IFRS9 (Financial Instruments) obligations.
The Data Risk Management Health Check is itself designed to allow you to test specific data disciplines, controls, processes and technologies against multiple regulatory obligations to give you a true and complete view of your real data risk.
The Data Risk Management Health Check is your Chief Data Officer's new best friend in helping all aspects of your organisation embed effective Data Risk Management.