Know exactly where your personal data resides
Preparing for the EU GPDR will require an extensive audit of your organisation’s data flows, including the type of data being held, where the data resides, who ‘owns’ the data, who has access to the data, and with whom the data is shared.
Keep track of your sensitive data with a data flow audit
A data flow audit pinpoints all of the locations where personal data is being hosted – both within and outside your organisation – and where that data flows to and from. By conducting a data flow audit, you will be able to:
• Gain visibility of your data flows;
• Have better insights for developing effective strategies to protect personal data;
• Improve efficiencies related to processes, systems and controls;
• Improve data lifecycle management;
• Better classify your data;
• Identify areas for contractual updates with third-party providers;
• Reduce privacy-related risks and associated data breaches.
A data flow audit delivers the following:
• A data inventory and data flow map of your company’s personal data, which will plot data in all of its forms, origins, paths, exit points and storage locations;
• An indication of where personal data exists in your network infrastructure and devices, servers, endpoints and protocols, and all data exit points (including firewalls, printers and endpoints where sensitive information can be copied to portable media);
• An indication of where data flows exit and transit through and beyond your organisation;
• An overview of where personal data is originated, where it is altered and where it is destroyed.