The assessment dashboard shows an organization’s overall data privacy posture in a single window.
An organization can initiate assessments by picking a predefined template from multiple compliance categories or use their custom assessment template from CSV files
An assessment consists of sets of questions divided into sections that address different aspects of compliance requirements. An assessment may manage compliance relative to a specific set of regulations such as GDPR or CCPA or apply to multiple regulation sets. The figure below shows a typical assessment question. An Assessment template has conditional risk, ratings, skip and recommendation logic.
Organizations can add or remove owners to any assessment for which they are already an owner. Organizations can invite stakeholders to complete sections within the assessment by assigning questions to them. They can also add collaborators to the assessment who do not have accounts by sending them email invites.
Stakeholders respond to questions through an intuitive, collaborative interface. Stakeholders can also invite other team members or external experts to contribute to and review responses. PrivacyOps platform also provides a messaging channel where the collaborators and owner of an assessment can communicate.
Track progress and gaps in real-time. Based on the assessment results, PrivacyOps assign aRating, Risk Score, or a Progress percentage that shows the organization at a glance the level of regulatory compliance reflected by the assessment.
For assessments, organizations can express the risk both in terms of its likelihood and the severity of the consequences should it occur. Risks (risk description and risk recommendations) may be triggered by conditional logic or can be added manually.
Formal review workflow ensures that assessment owners verify responses before they are published within the organization or shared externally.
After finalizing, the organizations can publish the assessments with one click to see the final recommendations and share them internally and externally. Also, organizations can maintain complete control over versions and retain the ability to redact assessments from one or all customers.