Privacy Governance: ROPAs are the New Normal

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

Privacy Governance: ROPAs are the New Normal

 A key component of privacy governance is assessments. While Records of Processing Assessments (ROPAs) do not assess risk per se, they do assess the who, what, why, where, and how of information processing. Analyzing the results against internal policy, processes, and regulatory requirements to determine potential areas of risk is critical.

—Tara Jones, Senior Manager Global Data Privacy Compliance & Governance, Yahoo

We recently met with Tara’s colleague, Yahoo AGC, Katie Pimentel. Katie spoke compellingly about the benefits of adopting the NIST Privacy Framework as an effective vehicle for implementing data privacy governance and the value of ROPAs as an internal risk assessment tool.

But the framework is only part of the story. Successful implementation requires socialization, training, and teaming across the organization to enable the accurate collection of ROPA data

Read more

Explore the site

More from the blog

Latest News