Leveraging the NIST Privacy Framework to Achieve Effective Privacy Governance
We are seeing a parallel to what the financial and banking industry went through during the early years of Sarbanes Oxley (SOX) implementation. In the same way that we can no longer rely on self-regulation, we are no longer able to rely on disparate compliance mechanisms with little to no enforcement.
Whether your organization is just beginning its privacy journey or engaged in operationalizing privacy by design, establishing a framework within which to operate is vital. An ad hoc or loosely defined approach will often result in recurring errors, poorly aligned resources, excessive cost, and ultimately suboptimal outcomes that may put the organization at risk.
Many privacy professionals have come to see the parallels between the maturation process of the information security sector,