TRUSTe Assessment Manager
description
Transcript of TRUSTe Assessment Manager
CONTACT US US: 888.878.7830 www.truste.com | EU: +44 (0) 203 078 6495 www.truste.eu
Powering Privacy Compliance and Trust
Learn More:truste.com
TRUSTe Assessment Manager
ASSESSMENT AUTOMATION FOR THE ENTERPRISE
Imagine you’re the captain of large ship moving at full
speed, approaching unchartered waters. Do you slow
down? Should you change course? Can you call for
help? Or do you simply close your eyes and hope for the
best? When it comes to your company, addressing data
privacy risks presents a similar challenge. Slowing the
company down is not an option and hope is not enough.
Teams tasked with managing privacy need to quickly
identify potential issues, assess the risk, and implement
controls to steer clear of unneeded exposure. While
privacy professionals have adopted the Privacy
Assessment and standardized a methodology for
approaching these challenges; objectives, scope,
resources and practices can vary greatly.
Some companies will conduct hundreds, even thousands of smaller privacy assessments while others do
fewer taking on a larger, programmatic approach. Whether a single Privacy Assessment takes a few days
or lasts several months, privacy teams on whole are spending thousands of hours each year assessing
privacy risk. And yet, in the end they are all too often left feeling exposed to risk.
Many teams lack the people and tools needed to efficiently and effectively manage privacy, while keeping
pace with business change. Consequently when speed and quality cannot be compromised, outsourcing
a privacy assessment is the often only option left. But outsourcing can be expensive. A better approach
is to increase the capabilities of internal teams allowing their institutional knowledge and decision making
to guide you through the assessment process. When greater capability is needed but headcount is fixed,
technology can be used to increase both output and quality.
PRIVACY ASSESSMENT AUTOMATIONTRUSTe Assessment Manager was developed from the ground up as a highly automated solution for
privacy assessments. Assessment Manager takes you through the end–to–end assessment process,
guiding the user each step along the way and following the same assessment methodology used by
TRUSTe consultants and analysts.
Each step of the process is powered by privacy technology and insight developed by the TRUSTe
team in delivering industry leading assessments and certifications. The data you collect is instantly
coupled with the knowledge TRUSTe provides to streamline each assessment, allowing any member of
your team to create a privacy assessment that may otherwise require considerable hours or expensive
external expertise.
By automating your privacy assessment you can save countless hours needed for each assessment. The
cost benefit in each assessment is important. But equally important is your ability to assess more with
the same set of internal resources. Moreover, you’ll be able to react quicker to business needs and ensure
that data privacy management can keep pace with the fast pace of change.
Privacy Assessments are a top priority for global enterprises and require a major investment of time and money.
— TRUSTe 2015
Privacy Assessment
Benchmarking Report
2
CONTACT US US: 888.878.7830 www.truste.com | EU: +44 (0) 203 078 6495 www.truste.eu
Powering Privacy Compliance and Trust
TRUSTe Assessment Manager
PRIVACY ASSESSMENT PROCESS
1. COMPLIANCE REQUIREMENTS DEFINITION
Assessment Manager comes with a set of Authority Documents—the guiding laws and regulations that dictate what’s
needed for privacy compliance. TRUSTe analysts have reviewed each document to determine the precise set of
recommended Controls you need to have in place to ensure compliance. Authority Documents and Controls are regularly
updated so that you are always up to date.
2. AUDITING OF DATA COLLECTION PRACTICES
Assessment Manager comes with a streamlined survey engine, preloaded with privacy templates that let you immediately
assess popular use cases. Yes/No, multiple choice, open–field and conditional logic questions are mapped to the set of
Privacy Controls recommended for each Authority Document.. Survey questions are easily reassigned to others and periodic
reminders can be triggered when a response is delayed. You can also create custom templates and load your own policies
into your library. Rest assured –– any uploaded content will only be viewable by you.
Assessment Manager comes with pre-
configured survey templates for a wide array
of privacy use cases.
Templates are built with an “Intelligence”
that lets you automatically apply information
across multiple assessments.
The automation capabilities within
Assessment Manager can greatly
reduce the time and effort needed
to conduct an end-to-end privacy
assessment, helping you keep pace
with the ever-changing business,
legal and regulatory landscape.
1. Define Compliance Requirements
2. Audit Data Management Practices
3. Conduct Compliance Reviews 4. Identify Gaps / Risks
5. Implement Program Changes
3
CONTACT US US: 888.878.7830 www.truste.com | EU: +44 (0) 203 078 6495 www.truste.eu
Powering Privacy Compliance and Trust
TRUSTe Assessment Manager
3. CONDUCT COMPLIANCE REVIEWS
Once your data is collected, Assessment Manager will conduct a detailed compliance review. Survey responses are matched
against desired results so that you can quickly see how your practices map against regulations and industry best practices.
Because Assessment Manager uses a Stored Data Discovery architecture, Authority Documents are seamlessly mapped
to controls, which are then compared against your results. Consequently, Privacy Controls can be shared across multiple
Authority Documents.
4. IDENTIFY GAPS & RISKS
You will receive a summary report of all data analyzed. Compliant findings will be segregated from non–compliant responses
eliminating the time required for sorting. Areas of privacy risk are flagged and you get detailed recommendations for
remediation. Members of the privacy team can then evaluate the potential risk and see Controls and Authority Documents
of concern.
5. IMPLEMENT PROGRAM CHANGES
As gaps and risks are identified, Assessment Manager enables multiple options for addressing each finding. From the
findings report, open items can quickly be sent on for further inquiry. Exceptions can be documented, and program changes
can be logged. An assessment can have a single or multiple approvers, and once an assessment is complete, it is easily
shared with others or stored in the repository. An assessment can be re–run ad hoc or on a scheduled future date.
Assessment Manager guides you through
each step of the assessment process.
Get a detailed summary report showing
where you’re compliant, where you’re not,
and recommendations on how to address
any potential issues.
4
CONTACT US US: 888.878.7830 www.truste.com | EU: +44 (0) 203 078 6495 www.truste.eu
Powering Privacy Compliance and Trust
TRUSTe Assessment Manager
Features DescriptionEnterprise Dashboard Get an at–a–glance view of all of your privacy projects along with the notices and
activities that matter most.
Privacy Controls Library A prepopulated privacy controls library will save you countless hours of
researching laws and regulations and determining the full set of activities needed
for compliance.
Regulatory Updates TRUSTe privacy analysts regularly update Authority Documents, Controls and
Templates based on changes in the regulatory landscape to keep your projects
current.
Intelligent Privacy Templates Our preloaded privacy templates let you immediately assess popular use cases.
Conditional logic and controls mapping let you ask the right questions the first time.
Customizable Content Library Upload your own Authority Documents and Controls and create assessment
templates tailored to your business needs.
Assessment Survey Engine Create, execute and review automated survey with point and click ease.
Compliance Review & Gap Analysis The intelligence built into our assessment templates allow us to streamline the
review process and highlight the gaps that require your attention.
Workflow Management The platform helps save the time required to identify and organize key people
across large organizations.
Collaboration & Reporting Tools Ensure that everyone in your company is working from the same page and sharing
the breadth of information gathered in the assessment process.
Automated Scheduling Save even more time by rescheduling an assessment to run on a future date so
that you are continually able to demonstrate compliance.
Centralized Repository All of your assessments can be easily accessed from a centralized repository for
quick access, business continuity, and ongoing reference.
Annually Licensed Modular Pricing Pay only for what you need knowing that you can quickly and easily add modules
and new users at any time.
SaaS Delivery Model Avoid hardware installation, software download and get anywhere, anytime
access. Always have the latest version and most current regulations, templates,
and controls.
Professional Services Team Have TRUSTe’s team of privacy consultants set up your program or engage them
for consultation taking advantage of more than 17 years of experience.
ABOUT TRUSTeTRUSTe is the leading global Data Privacy Management (DPM) company
and powers trust in the data economy by enabling businesses to safely
collect and use customer data across their customer, employee, and
vendor channels. Our SaaS–based DPM Platform gives users control over
all phases of data privacy management from conducting assessments and
implementing compliance controls to managing ongoing monitoring. Our
DPM Services are delivered by an expert team of privacy professionals
and include the globally recognized Certified Privacy Seal. Thousands of
companies worldwide rely on TRUSTe to minimize compliance risk and
protect their brand. For more information, please visit www.truste.com.