As more services gather more data about individuals in the course of doing business, concern grows about the problems that could arise in processing that data if it is not protected properly. Improper protection impacts the organization because the organization is responsible for securely collecting and storing the data. While good cybersecurity practices help manage privacy risks by protecting people’s information, privacy risks can also arise from how you collect, store, use, and share this information to meet your mission or business objectives, as well as how individuals interact with your products and services.
NIST (National Institute of Standards and Technology) believes that organizations would be better able to address the full scope of privacy risk with tools that support better implementation of privacy protections. NIST has created the NIST Privacy Framework to help your organization identify your current privacy posture and your desired outcome. Using this framework, you can identify the gaps and develop action plans.
The RSA Archer NIST-Aligned Privacy Framework release 6.8 app-pack, which includes the NIST Cybersecurity Framework and utilizes the same methodology, allows you to assess both privacy and cybersecurity practices within your organization.
- Create a Current Profile that indicates which privacy implementation tier is being achieved
- Identify a Target Profile that describes the organization's desired privacy implementation tier
- Conduct a Privacy Risk Assessment against Core activities in the NIST Privacy Framework
- Analyze the Current Profile against the Target Profile to determine gaps
- Implement an Action Plan to address privacy gaps
- Conduct an assessment against the NIST Cybersecurity Framework
Benefits of the RSA Archer NIST-Aligned Privacy Framework app-pack include:
- An enhanced privacy foundation built by bringing privacy risk into parity with broader enterprise risk portfolio
- Improved protection of individual privacy and resiliency of critical infrastructure
- Reinforcement of privacy risk management through a common language and consistent process for communicating requirements and progress
- Ability to maintain compliance with regulatory requirements
Register and join us for a Free Friday Tech Huddle at 11:00 am Eastern Time on Friday, August 21 for a live demo. Free Friday Tech Huddles are only available to RSA Archer customers. If you are not yet a customer but you are interested in learning more, please contact your local representative or authorized reseller — or visit us at www.rsa.com.