Support or deliver GDPR information asset requirements

• Article 30: records of processing
• Article 28: management of processors
• Article 32: security of processing
• Articles 5-9: Processing principles and lawfulness of processing
• Identifying where contracts (Article 28(3)) and sharing agreements (Article 26) are required
• Article Identifying flows outside the EEA/Approved countries (Article 30/44-47)
• Identifying flows which could be pseudonymised (Article 4)
• A valid and up to date risk assessment programme for all Information Assets and flows

Significantly reduce the risk of fines

ASSIST WITH ISO 27001 AND ISO 27005 COMPLIANCE

• Delegated management of information assets and business processes
• Identifying where contracts and sharing agreements are required
• Recording supporting assets such as software and hardware

SUPPORT DATA PROTECTION OFFICER (DPO) IN PROVIDING ASSURANCE (ARTICLE 39)

• Identification, review and approval of use of data requiring a Data Privacy Impact Assessment (DPIA)
• Monitoring of compliance with the regulation
• Ability to immediately provide evidence for the supervisory authority as requested
• Assists responses to data subjects on use of their data (drill down dashboard for Information Assets
• Enables significant assurance reporting to the Board

PROVIDE BOARDS WITH ASSURANCE THAT INFORMATION ASSETS ARE APPROPRIATELY MANAGED

• Reporting and dashboard provides assurance that information assets are accounted for by organisational hierarchy
• Distributed ownership of information assets
• Delegated ownership of information risk reporting
• Helps to identify those information assets you didn’t know you had
• Ensures information asset management and flow mapping becomes a valuable resource rather than a costly annual exercise

Reduce the on-going cost of managing information flows and assets through a simple browser-based interface