TRUSTe Assessment Manager

CONTACT US US: 888.878.7830 www.truste.com | EU: +44 (0) 203 078 6495 www.truste.eu

Powering Privacy Compliance and Trust

Learn More:truste.com

TRUSTe Assessment Manager

ASSESSMENT AUTOMATION FOR THE ENTERPRISE

Imagine you’re the captain of large ship moving at full

speed, approaching unchartered waters. Do you slow

down? Should you change course? Can you call for

help? Or do you simply close your eyes and hope for the

best? When it comes to your company, addressing data

privacy risks presents a similar challenge. Slowing the

company down is not an option and hope is not enough.

Teams tasked with managing privacy need to quickly

identify potential issues, assess the risk, and implement

controls to steer clear of unneeded exposure. While

privacy professionals have adopted the Privacy

Assessment and standardized a methodology for

approaching these challenges; objectives, scope,

resources and practices can vary greatly.

Some companies will conduct hundreds, even thousands of smaller privacy assessments while others do

fewer taking on a larger, programmatic approach. Whether a single Privacy Assessment takes a few days

or lasts several months, privacy teams on whole are spending thousands of hours each year assessing

privacy risk. And yet, in the end they are all too often left feeling exposed to risk.

Many teams lack the people and tools needed to efficiently and effectively manage privacy, while keeping

pace with business change. Consequently when speed and quality cannot be compromised, outsourcing

a privacy assessment is the often only option left. But outsourcing can be expensive. A better approach

is to increase the capabilities of internal teams allowing their institutional knowledge and decision making

to guide you through the assessment process. When greater capability is needed but headcount is fixed,

technology can be used to increase both output and quality.

PRIVACY ASSESSMENT AUTOMATIONTRUSTe Assessment Manager was developed from the ground up as a highly automated solution for

privacy assessments. Assessment Manager takes you through the end–to–end assessment process,

guiding the user each step along the way and following the same assessment methodology used by

TRUSTe consultants and analysts.

Each step of the process is powered by privacy technology and insight developed by the TRUSTe

team in delivering industry leading assessments and certifications. The data you collect is instantly

coupled with the knowledge TRUSTe provides to streamline each assessment, allowing any member of

your team to create a privacy assessment that may otherwise require considerable hours or expensive

external expertise.

By automating your privacy assessment you can save countless hours needed for each assessment. The

cost benefit in each assessment is important. But equally important is your ability to assess more with

the same set of internal resources. Moreover, you’ll be able to react quicker to business needs and ensure

that data privacy management can keep pace with the fast pace of change.

Privacy Assessments are a top priority for global enterprises and require a major investment of time and money.

— TRUSTe 2015

Privacy Assessment

Benchmarking Report

2




PRIVACY ASSESSMENT PROCESS

1. COMPLIANCE REQUIREMENTS DEFINITION

Assessment Manager comes with a set of Authority Documents—the guiding laws and regulations that dictate what’s

needed for privacy compliance. TRUSTe analysts have reviewed each document to determine the precise set of

recommended Controls you need to have in place to ensure compliance. Authority Documents and Controls are regularly

updated so that you are always up to date.

2. AUDITING OF DATA COLLECTION PRACTICES

Assessment Manager comes with a streamlined survey engine, preloaded with privacy templates that let you immediately

assess popular use cases. Yes/No, multiple choice, open–field and conditional logic questions are mapped to the set of

Privacy Controls recommended for each Authority Document.. Survey questions are easily reassigned to others and periodic

reminders can be triggered when a response is delayed. You can also create custom templates and load your own policies

into your library. Rest assured –– any uploaded content will only be viewable by you.

Assessment Manager comes with pre-

configured survey templates for a wide array

of privacy use cases.

Templates are built with an “Intelligence”

that lets you automatically apply information

across multiple assessments.

The automation capabilities within

Assessment Manager can greatly

reduce the time and effort needed

to conduct an end-to-end privacy

assessment, helping you keep pace

with the ever-changing business,

legal and regulatory landscape.

1. Define Compliance Requirements

2. Audit Data Management Practices

3. Conduct Compliance Reviews 4. Identify Gaps / Risks

5. Implement Program Changes

3




3. CONDUCT COMPLIANCE REVIEWS

Once your data is collected, Assessment Manager will conduct a detailed compliance review. Survey responses are matched

against desired results so that you can quickly see how your practices map against regulations and industry best practices.

Because Assessment Manager uses a Stored Data Discovery architecture, Authority Documents are seamlessly mapped

to controls, which are then compared against your results. Consequently, Privacy Controls can be shared across multiple

Authority Documents.

4. IDENTIFY GAPS & RISKS

You will receive a summary report of all data analyzed. Compliant findings will be segregated from non–compliant responses

eliminating the time required for sorting. Areas of privacy risk are flagged and you get detailed recommendations for

remediation. Members of the privacy team can then evaluate the potential risk and see Controls and Authority Documents

of concern.

5. IMPLEMENT PROGRAM CHANGES

As gaps and risks are identified, Assessment Manager enables multiple options for addressing each finding. From the

findings report, open items can quickly be sent on for further inquiry. Exceptions can be documented, and program changes

can be logged. An assessment can have a single or multiple approvers, and once an assessment is complete, it is easily

shared with others or stored in the repository. An assessment can be re–run ad hoc or on a scheduled future date.

Assessment Manager guides you through

each step of the assessment process.

Get a detailed summary report showing

where you’re compliant, where you’re not,

and recommendations on how to address

any potential issues.

4




Features DescriptionEnterprise Dashboard Get an at–a–glance view of all of your privacy projects along with the notices and

activities that matter most.

Privacy Controls Library A prepopulated privacy controls library will save you countless hours of

researching laws and regulations and determining the full set of activities needed

for compliance.

Regulatory Updates TRUSTe privacy analysts regularly update Authority Documents, Controls and

Templates based on changes in the regulatory landscape to keep your projects

current.

Intelligent Privacy Templates Our preloaded privacy templates let you immediately assess popular use cases.

Conditional logic and controls mapping let you ask the right questions the first time.

Customizable Content Library Upload your own Authority Documents and Controls and create assessment

templates tailored to your business needs.

Assessment Survey Engine Create, execute and review automated survey with point and click ease.

Compliance Review & Gap Analysis The intelligence built into our assessment templates allow us to streamline the

review process and highlight the gaps that require your attention.

Workflow Management The platform helps save the time required to identify and organize key people

across large organizations.

Collaboration & Reporting Tools Ensure that everyone in your company is working from the same page and sharing

the breadth of information gathered in the assessment process.

Automated Scheduling Save even more time by rescheduling an assessment to run on a future date so

that you are continually able to demonstrate compliance.

Centralized Repository All of your assessments can be easily accessed from a centralized repository for

quick access, business continuity, and ongoing reference.

Annually Licensed Modular Pricing Pay only for what you need knowing that you can quickly and easily add modules

and new users at any time.

SaaS Delivery Model Avoid hardware installation, software download and get anywhere, anytime

access. Always have the latest version and most current regulations, templates,

and controls.

Professional Services Team Have TRUSTe’s team of privacy consultants set up your program or engage them

for consultation taking advantage of more than 17 years of experience.

ABOUT TRUSTeTRUSTe is the leading global Data Privacy Management (DPM) company

and powers trust in the data economy by enabling businesses to safely

collect and use customer data across their customer, employee, and

vendor channels. Our SaaS–based DPM Platform gives users control over

all phases of data privacy management from conducting assessments and

implementing compliance controls to managing ongoing monitoring. Our

DPM Services are delivered by an expert team of privacy professionals

and include the globally recognized Certified Privacy Seal. Thousands of

companies worldwide rely on TRUSTe to minimize compliance risk and

protect their brand. For more information, please visit www.truste.com.

TRUSTe Assessment Manager

Technology

Transcript of TRUSTe Assessment Manager