Data Governance Framework.

Overview 

BSS worked with the UK branch of a major international bank which had undergone an audit with findings around data governance and privacy. BSS were engaged to define a framework of data governance strategy, policy, procedures and responsibilities. Additionally, BSS captured and created high level data flows for the entire organisation.

The Solution

This work enhanced data protection through-out the organisation in several ways

 

Established clear data ownership and accountability:

The new data governance framework clearly defines who owns and is responsible for different types of data within an organisation. This helped to ensure that data is managed in a consistent and compliant manner; and that there is a clear accountability structure for data breaches or other privacy incidents.

 

Defined data access controls:

The new data governance framework outlined processes for granting access to data; ensuring that only authorized personnel can access sensitive information; This included defining access levels implementating  role based access controls; and requiring approval for access to certain data sets.

 

Defined data retention and disposal policies:

The new data governance framework established policies for how long data is retained and how it is securely disposed of when no longer needed. This helped to minimize the risk of data breaches and comply with data privacy regulations.

 

Supported Data integrity and security:

The new data governance framework implemented measures to protect data from unauthorized access modification or destruction; This included implementing physical and technical security controls; such as encryption, firewalls and access control lists.

 

Provided for data breach reporting and remediation: 

The new data governance framework outlined the procedures for identifying, reporting and remediating data breaches. This included establishing clear escalation procedures, notifying affected individuals and regulatory authorities, and taking corrective actions to prevent future breaches.

 

Supported the role of the Data Protection Officer (DPO) :

The new data governance framework provided the DPO with the necessary resources and authority to oversee data protection compliance within the organization. This includes conducting data protection audits, providing training and awareness to employees and advising on data protection impact assessments.

 

The Outcomes

Through this engagement the organisation strengthened their data governance practices, enhance data protection and reduce the risk of data breaches and other privacy incidents.

BSS
Tel: 020 7936 8999   info@bss.uk.com

 

 

 

 

 

Looking for more?

Contact us
About us

What we think

All posts
  • Meet the team: Scott Brayshaw, senior consultant at BSS
  • Meet the Team: John Madelin, BSS advisory board
  • Meet the Team: Chris Meehan, BSS advisory board