60 likes | 74 Views
The Data Risk Management Framework (DRMF) is an open-source framework that provides organizations with accurate insights into data risk management capabilities. This framework offers a structured and strategic approach to efficiently managing data risks across governance, operational, and technical initiatives. It helps organizations prioritize efforts, align security programs with organizational guidance, and maximize the value of existing security solutions.
E N D
Data Risk Management Framework • Agenda Objectives Overview Practical Examples Q & A Artifact Review
Data Risk Management Framework • Introduction • The Data Risk Management Framework (DRMF) is a an open-source framework designed to provide organizations accurate line of sight into data risk management capabilities. • It is not a compliance framework. What • The DRMF uses a structured and strategic approach the maps efficiencies across governance, operational and technical initiatives. • The framework deconstructs data risk management into logical control areas and supporting sub-controls. How • This offering fulfills an underserved need for organizations. • Organizations are failing to holistically address data security needs. • Data is the currency of modern business. Why
Data Risk Management Framework • Framework Overview Governance Providing the Ground Rules Protection Execution of Governance Requirements Data Risk ManagementFramework Visibility Informed Decision Making
DRMF – Key Drivers Industry Drivers Benefits • Current approaches to managing data risk aren’t working – they’re siloed, industry-specific, and not comprehensive. • Organizations are focusing on compliance, and they don’t know how to achieve true data risk resilience. • Organizations spend most of their time and resources on infrastructure and threat protection, not data security. • The DRMF can help organizations prioritize efforts and maximize the value of their existing portfolio of security solutions (as well as guide procurement for new tools). • Strategic approach versus fire fighting and tool buying. • Root cause analysis of organizational gaps. • A logical method for aligning security programs with organizational guidance. • Intelligent use of resources. • Outputs that are understood by business and security leadership.