To alleviate the challenges mentioned above, PrivacyOps requires a system-of-record, a system-of-knowledge, a system-of-engagement, and a system-of-automation to bring all vendors together in one place to communicate privacy needs and complete assessments with one platform. It provides the following capabilities:
System of Record maintains assessments completed by all vendors in the vendor assessment dashboard. It also keeps a detailed track of all new, existing, and retired vendors, including documents, contracts, and evidence of evaluation & vulnerability agreements for data protection.
System of Knowledge provides a collection of updated global regulations templates like GDPR, CCPA, LGPD, etc., along with ready-made and custom assessment templates, curated especially by the organization to meet their vendors’ needs accordingly.
System of Engagement and Collaboration provides automated support regarding data-collecting assessments and enables organizations to meet and communicate with various vendors on a single, highly-secured platform. Organizations can use vendor Explorer to locate vendors and request an assessment of their privacy ratings. The system automatically generates comprehensive reports through a workflow, which the team can audit on-site for input, review, and approval processes.
System of Automation and Insights enables the organization to establish and keep momentum by generating timely reminders for the vendors to complete and update assessments and follow the periodic vendor assessment requirements under several privacy regulations. It also allows the organization to create a structured follow-up for all their vendors to formulate their responses according to multiple regulations efficiently. In this automation system, organizations can analyze the risk of vendors both in terms of their likelihood and the severity of the consequences should they occur. Risks in vendor assessments can be triggered by conditional logic or a heat map in the assessment process. Organizations can also use the risk panel to view risks flagged by vendor responses quickly. Furthermore, the business can launch automated campaigns via the web console for internal discussions with just a few clicks for one or hundreds of vendors.
For a detailed understanding of types of assessments and how it works in PrivacyOps, please refer to the Assessment Module No.5.