Strategic Management Flashcards

1
Q

3 subtasks of strategic management

A
  1. Create organizational privacy vision and mission statement
  2. Develop privacy strategy
  3. Structure privacy team
2
Q

I. Privacy vision and mission statement

A
  1. Develop vision and mission statement objectives
  2. Define privacy program scope - laws, data impacted
  3. ID legal, regulatory compliance challenges, domestic and global; inventory of PI and uses
3
Q

Privacy models

A
  1. Sectoral (US)
  2. Comprehensive (EU, Canada)
  3. Co-regulatory (Australia)
  4. Self-regulatory (US, Japan, Singapore)
4
Q

Questions to determine privacy legal requirements

A
  1. Who collects, uses, maintains PI?
  2. What types of PI and what legal requirements apply?
  3. Where is data stored?
  4. When is data collected, how and why?
5
Q

6 key questions about laws

A
  1. Who is covered by laws?
  2. What type of PI is covered?
  3. What is required, prohibited?
  4. Who enforces?
  5. Sanctions?
  6. Why does the law exist?
6
Q

II. Develop privacy strategy

A
  1. ID stakeholders and internal partnerships, build consensus in mgt
  2. Leverage key functions (buy-in)
  3. Create process for interfacing within the organisation
  4. Develop data governance strategy (collection, authorised use, access, security, destruction; survey of laws; rationalise requirements)
  5. Privacy workshops for stakeholders
7
Q

Privacy program activities (key functions)

A
  1. adoption of privacy program and procedures
  2. development of privacy training and communications
  3. deployment of privacy and security enhancing controls
  4. contracting with management of 3Ps
  5. assessment of compliance
8
Q

III. Structure privacy team

A
  1. governance: where lodged, IT or legal?
  2. establish organisational model, responsibility, reporting structure
  3. executive privacy team: CSO, CRO, CLO, CIO, BC exec, mkting exec, rep of business
9
Q

Governance models

A
  1. Centralized (CPO) - efficient, direction flows from single source
  2. Local (decentralised) - less efficient, flat organigram, less rigid policies
  3. Hybrid (MNCs) - CPO for policies and regional compliance hubs