Embed Privacy and Security Culture Within Your Organization
Drive employee engagement with privacy and security via governance and process integration.
Book This Workshop
Our employees don’t care about privacy and security and see them as burdens to their ability to do their jobs.
- Without a custom approach to privacy and security and targeted privacy and security enablers for specific employee groups, employees will likely not understand the benefits of privacy and security and will view them as a nuisance.
Privacy-centric and security-aware organizations safeguard themselves by ensuring both privacy and security are the default as opposed to an afterthought.
- Employees that are engaged with privacy and security increase the organization’s overarching privacy and security posture and create a repeatable, progressive culture of engagement.
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Book NowModule 1: Determine Drivers and Engagement Objectives
The Purpose
- Understand the current privacy and security landscape in the organization.
Key Benefits Achieved
- Targeted set of drivers from both a privacy and security perspective
| Activities: | Outputs: | |
|---|---|---|
| 1.1 | Discuss key drivers for a privacy and security engagement program. |
|
| 1.2 | Identify privacy requirements and objectives. |
|
| 1.3 | Identify security requirements and objectives. |
|
| 1.4 | Review the business context. |
|
Module 2: Align Privacy and Security With the Business
The Purpose
- Ensure that your privacy and security engagement program is positioned to obtain the buy-in it needs through business alignment.
Key Benefits Achieved
- Direct mappings between a culture of privacy and security and the organization’s strategic and business objectives
| Activities: | Outputs: | |
|---|---|---|
| 2.1 | Review the IT/InfoSec strategy with IT and the InfoSec team and map to business objectives. |
|
| 2.2 | Review the privacy program and privacy strategic direction with the Privacy/Legal/Compliance team and map to business objectives. |
|
| 2.3 | Define the four organizational groupings and map to the organization’s structure. |
|
Module 3: Map Privacy and Security Enablers to Organizational Groups
The Purpose
- Make your engagement plan tactical with a set of enablers mapped to each of the organizational groups and privacy and security objectives.
Key Benefits Achieved
- Measurable indicators through the use of targeted enablers that customize the organization’s approach to privacy and security culture
| Activities: | Outputs: | |
|---|---|---|
| 3.1 | Define the privacy enablers. |
|
| 3.2 | Define the security enablers. |
|
| 3.3 | Map the privacy and security enablers to organizational structure. |
|
| 3.4 | Revise and complete Privacy and Security Business Alignment Tool inputs. |
|
Module 4: Identify and Select KPIs and Metrics
The Purpose
- Ensure that metrics are established to report on what the business wants to see and what security and privacy teams have planned for.
Key Benefits Achieved
- End-to-end, comprehensive program that ensures continued employee engagement with privacy and security at all levels of the organization.
| Activities: | Outputs: | |
|---|---|---|
| 4.1 | Segment KPIs and metrics based on categories or business, technical, and behavioral. |
|
| 4.2 | Select KPIs and metrics for tracking privacy and security engagement. |
|
| 4.3 | Assign ownership over KPI and metric tracking and monitoring. |
|
| 4.4 | Determine reporting cadence and monitoring. |
|