Your team is to write a report that proposes appropriate policies for the Charity in the following areas:
- Conduct a risk assessment for the Charity’s data. Consider the data and information that Charity holds on its clients in its current system.
- Establish the existing threats and risks to the security of that data and information contained in the in house database.
- Are there any other risks and threats to the client data after migration to an SaaS application?
- Assess the resulting severity of risk and threat to client data.
What are the threats and risks to the digital identities of the Charity’s clients from the move to a SaaS database?
Develop a Privacy strategy proposal for the Charity. The strategy should include the following items:
- Management of personal information,
- Collection and management of solicited personal information,
- Use and disclosure of personal information,
- Use and security of digital identities,
- Security of personal information,
- Access to personal information,
- Quality and correction of personal information.
Develop a personal data protection strategy proposal for the Charity. This strategy should include:
Protection of personal information,
Authorised access & disclosure of personal information,
De-identification of personal data,
Use of personal digital identities,
Security of personal data,
Archiving of personal data.