CompliancePoint utilizes a full life cycle approach when helping organizations solve for their privacy challenges. This approach is founded in our experience with enterprise risk management and starts with risk identification (Find), then focuses on risk mitigation (Fix) and finally on to long-term program management to maintain and improve an organization’s risk posture over time (Manage). Within each of these phases CompliancePoint has developed milestones that help break down your organization’s initiative into manageable chunks providing an end-to-end solution for your privacy needs.
The Find phase of a privacy engagement is intended to help an organization identify the risk associated with their applicable regulatory requirements. This includes an evaluation of current business goals and objectives, how the organization engages with the data subjects, and assessing the readiness of the organization’s governance, operation and technology.
The Fix stage of a privacy engagement is intended to help an organization mitigate the risk associated with the regulatory requirements and deficiencies identified. This includes control design using a Corrective Action Plan and solutioning for deficiencies identified during the initial assessment. Once solutioning has been completed, CompliancePoint can provide resources to assist with implementation of controls into the production environment. CompliancePoint resources audit the environment with production controls and exercise these controls to test their effectiveness.
The Manage stage of a privacy engagement is intended to help an organization maintain ongoing current risk posture and compliance with the identified regulations. Our consultants work hard to implement personal information management systems and information security management systems that will meet the ongoing privacy requirements. CompliancePoint utilizes its proprietary OnePoint™ portal technology which enables our customers to setup a centralized management program for maintaining compliance, defining control owners and dashboard reporting for management oversight. CompliancePoint works with our customers to design feedback loops into program management processes, ensuring continuous improvement for the program and mitigating risk over the long run.
By maintaining a knowledgeable presence in privacy, information security, and regulator interpretation in the courtroom, CompliancePoint is uniquely prepared to provide a holistic and comprehensive approach to privacy compliance differentiating us from our competitors.