Riesgo Risk Management Data Protection Act Service description Request a pilot online today Introduction • Many organisations are faced with the challenges of Data protection Act and worried about being caught out. • Riesgo Risk Management DPA solution provides a new approach that allows the Data compliance officer to ascertain compliance in real time. • The solution is designed to be embedded within your current business practice and triggers set to allow you to know when non compliance occurs, as well as the ability to instigate remedial action. • The architecture is inherently embedded within your network and business operation of your organisation. • The focus is based on the 8 principles and information security best practices. Policies Guidelines Real time interaction DPA solution overview System setup mgmt - Data Protection - Compliance & Assurance Org chart Business units Business units Business units Business units Principle assessment 1st principle 2nd principle 3rd principle 4th principle 5th principle 6th principle 7th principle 8th principle Contract & data processing agreement - 3rd parties - Outsourced parties Alert  DPA  DPA Implementation overview Gap analysis Project plan Project execution Handover & support implementation Lawful business & commercial purpose Contract agreement Policies & guidelines Adaption & customisation Awareness & training Roll out Organisational chart 8 principles assessment •Retention policy •Personal data definition •Purpose policy •Information classification guideline •Information security policy Services Staff training Operational support Manned (onsite) Managed service DPA operational overview Purpose Select from Purpose policy  Minimum data Associated Minimum data Project name Does this project involve the collection, storage and/or use of personal data - PD determinator Yes Accuracy of data No Select from  Accuracy guideline Retention Existing Associated Retention policy outsource Rights  Security New Contractual Data processing agreement Confirm Rights compliance Does this Asset involve the collection, storage and/or use of personal data - PD determinator Purpose policy Accuracy guideline Retention policy Rights compliance Contractual agreement Minimum data guideline Asset database Yes Assets Risk assessment Project 1 Project 2 No Report Project 3 Project 4 Project 5 Db System setup mgmt Org Chart Business units Business units - Data Protection -Compliance & Assurance - Information Security Manager Business units Business units System setup Policies/ guidlines Database The 8 principles Purpose policy Accuracy guideline Retention policy Rights compliance Contractual agreement Minimum data guideline Asset database 1st Fairly & Lawfully Purpose policy 2nd Used only for purpose obtained Minimum data guideline 3rd Quality – accuracy & relevance Accuracy and relevance guideline 4th Accuracy & kept up to date Accuracy & kept up to date 5th Retention 6th Rights Used only for purpose obtained 7th 8th Rights Rights Retention Policy Security outsource Project or Asset name: Entry date: Contact name: DPA project results Applicable policy Purpose policy Principle 1st principle 2nd principle 3rd principle 4th principle Objective Fairly & Lawfully Results Comments Used only for purpose obtained Quality – accuracy & relevance Minimum data guideline Accuracy and relevance guideline Accuracy policy & kept up to date Accuracy & kept up to date 5th principle 6th principle 7th principle 8th principle Retention Retention policy Rights Used only for purpose obtained Security & 3rd party access Contract & data processing agreement Security & 3rd party access Outsourcing Getting started Request pilot www.riesgoriskmanagement.com Contractual agreement Implementation Contact Details • • • • Ben oguntala info@riesgoriskmanagement.com www.riesgoriskmanagement.com Tel – 07812 039 867