Description
High profile security breaches involving sensitive data have created intense publicity and significant regulatory action against those responsible. We have knowledge and experience in helping clients assess and manage the risk being faced. Our experience covers issues faced by organisations including understanding where their sensitive information is, performing detailed security assessments, reviewing third parties and understanding the regulatory environment. This enables us to design comprehensive people, process and technology control frameworks to reduce the risk.
Business drivers
- Compliance – demonstrate compliance with industry attestations and regulations, e.g. PCI DSS, European Directive …
- Client expectations – demonstrate to clients that their sensitive information is being managed effectively
- A strong privacy aware culture is now being seen as a competitive advantage, through gaining customer trust
- Revenue protection – safeguarding profits through the protection of sensitive information e.g. Intellectual property
Services
- Risk assessment – helping clients quantify the risk of information leakage
- Defining remediation plans – covering people, process and technology
- Implementation – full range of support for implementation activities including: project management; business process design and technology deployment
- Privacy program
- Breach response reviews
- Third party privacy reviews