ProvePrivacy Logo | Blue Green

Back to home

Data Management

Our platform allows your organisation to demonstrate that it has the technical and organisational measures and reporting to support processes and meet international certification standards for data protection, with your ROPA directly connected to a live information asset register.

Data Controls | ProvePrivacy

Technical & Organisational Measures

Being able to evidence how an organisation is ensuring data protection through technical and organisational measures is a key element of meeting the requirements of article 30. 

ProvePrivacy uses published standards as the basis to evidence that controls are in place and are evidenced.

Regardless of which standard you use or even if you choose not to obtain a certification, ProvePrivacy allows you to establish the scope of your programme, plan for implementation and provide evidence to support controls.

ISO/IEC 27001 is a comprehensive international standard for  information management, covering people, policies and technologies. It offers a security framework for risk management, cyber resilience and operational excellence, making it a great foundation for your data protection controls.

With ProvePrivacy, you can achieve your goals and manage privacy information in accordance with ISO 27701. This standard expands upon 27001 and focuses on privacy management. ProvePrivacy supports the majority of controls outlined in the standard, making compliance easier.

NIST 2.0 presents a set of standards to build a cyber risk management programme on.  It is a valuable resource which will enhance your cybersecurity resilience and help your teams adapt to emerging threats.  It is designed to be adaptable for all sectors, regardless of size or maturity.

Used widely in the Public Sector, the Cyber Assessment Framework (CAF) was developed by the National Cyber Security Centre (NCSC).  The framework provides a way of assessing the cyber risks to essential functions, looking at how these are managed,

Reporting | ProvePrivacy

Reporting & Support

Reporting provides you with the ability to demonstrate compliance; reporting covers areas such as risk management, breach reporting and data subject rights.

We also have a network of partners that specialise in areas such as data protection and cyber security should you need additional support.

Reporting covers risk management, action planning, staff awareness, policy completion, breach reporting and data subject rights.  If there are any additional reports you require these can be developed by submitting a Feature Request.

ProvePrivacy is supported by our partner network of data protection professionals, cyber security experts and consultant DPOs.  If you are struggling to determine the best course of action you can complete a help request and we can provide the advice and support you need.

Information Assets | ProvePrivacy

Information Asset Register

The Information Asset Register is linked to the ROPA to show all of the assets which are used as part of your processing activities. It will allow you to understand the risks associated with each asset whist it is in use, and whilst the data is in retention.

Further development on our roadmap will enable further detail to be captured to support business continuity and service availability.

A data retention schedule is included that allows your data champions to select the document type which, in turn will automatically assign the relevant retention period. 

The Information Asset Register will allow for all assets to be understood and if deemed critical, the business continuity characteristics can be recorded to help you define your approach.

Testimonials

What our clients say

Scroll to Top

Contact us

If you would like to ask more questions or to arrange training, complete the form below and we will respond shortly.

See our Privacy Statement for more details.

Get expert tips and business insights