We have refined a methodology which has delivered consistently high-quality outcomes across a range of organisations and business sectors. This is a five-step process that is a systematic approach to identifying and documenting processes in your organisation.
This interactive guide will step you through the process.
The NSW MNDB Scheme requires agencies to maintain a public facing notification register, published on the agency’s website, for any public data breach notifications that the agency has issued.
We have developed a template notification register that can be customised to suit your agency.
The NSW MNDB Scheme requires agencies to maintain an internal data breach incident register, which is not public-facing, and acts as a record for the agency’s data breaches over time.
We have developed a template incident register that can be customised to suit your agency. This template can also be used to record privacy incidents or ‘near misses’.
This research report by elevenM looks at how Australian organisations are approaching the challenge or AI and data ethics.
Building a privacy impact assessment toolbox is an interactive resource that will step you through the four steps of a PIA and provide you with key tools to support you in this process.
The second of four steps of a PIA is information gathering. This information gathering covers organisational policy and process documents (such as privacy policies and collection notices), interviewing people involved in the project, and observing or assessing physical processes (when relevant).
We have developed a ‘Information gathering checklist’ template to help get you started, and which you can customise to your organisation.
The final step of a PIA is to mitigate the identified risks and record approval of actions against these risks. This process needs to have specific, pragmatic actions, so everyone is clear what needs to be done to reduce or remove a risk.
We have developed a template ‘PIA register’ to help get you started, and which you can customise to your organisation.
Developing a privacy heatmap is about using process data to proactively identify and strategically target those business areas that need more attention.