Data Protection Assessment

Privacy legislations and related controls are advancing rapidly around the world in response to consumer pressures. Understanding and complying to these requirements is critical to avoiding legal liability and building customer confidence.

Maintaining a comprehensive and effective data protection strategy within an organisation is not easy. Data protection is not just about the technology but adapting to changing business practices, the changing objectives of multiple stakeholders, several regulations around the world, and ultimately every single person that touches sensitive data throughout its lifecycle.

As the business and technology have changed, we are supporting our customer to prepare their IT security and compliance audit and reviewing their current environments to address this challenge.

Whether your are looking to pass your first compliance audit or you have maintained compliance and a strong security posture for years, we provide a pragmatic approach which will help your customer to reach their goals in protecting their sensitive information from different angles.

With vast experience in implementing data security measures and access controls, we will help you determine your current status on privacy protection and provide inputs to achieve compliance with applicable legislations.

Scope of Service

The Data Protection Assessment applies to all system components, which are under analysis. The system components are defined as any network component, server, or application that is included in or connected to your data environment. System components also include any virtualization components such as virtual machines, virtual switches/routers, virtual appliances, virtual applications/desktops, and hypervisors.

Your data environment is composed of people, processes and technology that store, process or transmit data or sensitive authentication data.

Furthermore it is important for the engagement to understand the sensitivity of their critical data in term of confidentiality, integrity and availability. It is crucial to discern where those critical data are located (which server, country, and so on). This step will help to understand which local regulation will apply on the protection requirement of the system and data.
© 2014 IRM-Advisors Contact Us