Embed Privacy and Security Culture Within Your Organization

Drive employee engagement with privacy and security via governance and process integration.


Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.

Our employees don’t care about privacy and security and see them as burdens to their ability to do their jobs.

  • Without a custom approach to privacy and security and targeted privacy and security enablers for specific employee groups, employees will likely not understand the benefits of privacy and security and will view them as a nuisance.

Privacy-centric and security-aware organizations safeguard themselves by ensuring both privacy and security are the default as opposed to an afterthought.

  • Employees that are engaged with privacy and security increase the organization’s overarching privacy and security posture and create a repeatable, progressive culture of engagement.

Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Module 1: Determine Drivers and Engagement Objectives

The Purpose

  • Understand the current privacy and security landscape in the organization.

Key Benefits Achieved

  • Targeted set of drivers from both a privacy and security perspective

Activities: Outputs:
1.1 Discuss key drivers for a privacy and security engagement program.
  • Understanding of the role and requirements of privacy and security in the organization
1.2 Identify privacy requirements and objectives.
  • Privacy drivers and objectives
1.3 Identify security requirements and objectives.
  • Security drivers and objectives
1.4 Review the business context.
  • Privacy and security engagement program objectives

Module 2: Align Privacy and Security With the Business

The Purpose

  • Ensure that your privacy and security engagement program is positioned to obtain the buy-in it needs through business alignment.

Key Benefits Achieved

  • Direct mappings between a culture of privacy and security and the organization’s strategic and business objectives

Activities: Outputs:
2.1 Review the IT/InfoSec strategy with IT and the InfoSec team and map to business objectives.
2.2 Review the privacy program and privacy strategic direction with the Privacy/Legal/Compliance team and map to business objectives.
  • Privacy and security objectives mapped to business strategic goals
2.3 Define the four organizational groupings and map to the organization’s structure.
  • Mapped organizational structure to Info-Tech’s organizational groups
  • Framework for privacy and security engagement program
  • Initial mapping assessment within Privacy and Security Business Alignment Tool

Module 3: Map Privacy and Security Enablers to Organizational Groups

The Purpose

  • Make your engagement plan tactical with a set of enablers mapped to each of the organizational groups and privacy and security objectives.

Key Benefits Achieved

  • Measurable indicators through the use of targeted enablers that customize the organization’s approach to privacy and security culture

Activities: Outputs:
3.1 Define the privacy enablers.
3.2 Define the security enablers.
  • Completed Privacy and Security Engagement Charter.
3.3 Map the privacy and security enablers to organizational structure.
3.4 Revise and complete Privacy and Security Business Alignment Tool inputs.
  • Completed Privacy and Security Business Alignment Tool.

Module 4: Identify and Select KPIs and Metrics

The Purpose

  • Ensure that metrics are established to report on what the business wants to see and what security and privacy teams have planned for.

Key Benefits Achieved

  • End-to-end, comprehensive program that ensures continued employee engagement with privacy and security at all levels of the organization.

Activities: Outputs:
4.1 Segment KPIs and metrics based on categories or business, technical, and behavioral.
4.2 Select KPIs and metrics for tracking privacy and security engagement.
4.3 Assign ownership over KPI and metric tracking and monitoring.
  • KPIs and metrics identified at a business, technical, and behavioral level for employees for continued growth
4.4 Determine reporting cadence and monitoring.
  • Completed Privacy and Security Engagement Playbook
Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019