Designing, operating, and using technologies in a way that is mindful to diverse privacy needs for an increasingly connected and complex environment can be a challenge. Developing technologies like the Internet of Things and artificial intelligence continue to raise concerns regarding individual privacy as they are constantly collecting information regarding individual usage, demographics, etc. As individuals interact with these system, products, and services, they may not be completely aware of the potential consequences for their privacy. This type of impact can result in an impact to the organization as well as the individual. In some cases, the consequences could be on a larger scale and could have an impact on society. Whatever the consequence may be, it falls back on the organization to protect the individuals' privacy.
The National Institute of Standards and Technology (NIST) published a privacy framework, in collaboration with private and public sector stakeholders, to help organizations better identify, assess, manage, and communicate privacy risks, meanwhile fostering the development of innovative approaches to protecting individuals’ privacy and increasing trust in products and services. Maintaining good cybersecurity practices to protect people's information can help manage privacy risk but privacy events still occur through the collection, storage, and usage of the data.
With the RSA Archer NIST-Aligned Privacy Framework app-pack, you can utilize the NIST Privacy Framework to assess your implementation of privacy protections to determine your current and target privacy implementation posture. By understanding the gaps in your privacy implementations, you can prioritize and implement action plans to better protect your organization and the individuals' privacy.
The NIST Privacy Framework utilizes the same methodology and process as the NIST Cybersecurity Framework to evaluate an organization's implementation to assess cybersecurity practices. The NIST Privacy Framework contains Core Activities that overlap with the NIST Cybersecurity Framework. With RSA Archer NIST-Aligned Privacy Framework release 6.8, the offering has been combined with the RSA Archer NIST-Aligned Cybersecurity Framework to allow you to assess both privacy and cybersecurity practices within your organization. Check out the RSA Archer NIST-Aligned Cybersecurity Framework app-pack, to gain a better understanding of how this offering can augment your RSA Archer NIST-Aligned Privacy Framework implementation.
The RSA Archer NIST-Aligned Privacy Framework app-pack enables organizations to:
Create a Current Profile indicating which privacy implementation tier is being achieved
Identify a Target Profile that describes the organization's desired privacy implementation tier
Conduct a Privacy Risk Assessment against Core activities from NIST's Privacy Framework
Analyze the Current Profile against the Target Profile to determine gaps
Implement an Action Plan to address privacy gaps
Includes the ability to conduct an assessment against the NIST Cybersecurity Framework
Building a better privacy foundation by bringing privacy risk into parity with broader enterprise risk portfolio
Improve protection of individual privacy and resiliency of critical infrastructure
Reinforce privacy risk management through a common language and consistent process for communicating requirements and progress
Maintain compliance with regulatory requirements
There are no prerequisites for RSA Archer NIST-Aligned Privacy Framework. However, there are many available use cases to expand this offering with your implementation of RSA Archer. For more information, please check out the Implementation Guide.
Supported Platform Version
The RSA Archer NIST-Aligned Privacy Framework app-pack was developed for and validated on RSA Archer Platform release 6.8 and later.
RSA Archer On-Demand Application (ODA) Licenses
Three (3) RSA Archer On-Demand Application (ODA) licenses are required for RSA Archer NIST-Aligned Privacy Framework or;
One (1) RSA Archer On-Demand Application (ODA) licenses is required if the RSA Archer NIST-Aligned Cybersecurity Framework is already implemented.
For More Information
To learn more about the RSA Archer NIST-Aligned Privacy Framework app-pack:
To learn more about this offering, please contact your Account Rep for additional details. For technical support questions regarding this offering, please open a support case or contact RSA Archer at firstname.lastname@example.org for more information.