We’ve written a lot
on this blog about
AvePoint Privacy Impact Assessment system (APIA) and its ability to automate the process of conducting Privacy Impact Assessments (PIAs). However, APIA customers have quickly discovered that the very essence of the system is an extensible assessment framework that can be applied to many other areas of their business beyond just privacy. A prime example is the area of risk.
A steady increase in regulatory requirements as well as the ever-growing demand for transparency has forced businesses to increase the amount of resources they use to address risk and determine whether or not they have adequate controls in place to manage and mitigate any inadequacies. This leads to significant, often labor-intensive efforts to identify and manage risk across various aspects of a business.
[caption id="attachment_3424" align="alignnone" width="625"]
APIA mitigates the risk inherent with manual privacy impact assessments.[/caption]
Take
H3 Solutions as an example. A Microsoft Gold Certified Partner, H3 Solutions provides products and services for clients in both the public and private sectors, and are best known for
Mobile Entrée, which is an application that provides intuitive access to SharePoint content on mobile devices. Unique from its previous offerings, Mobile Entrée is a cloud-based solution, and as such, poses the challenge of needing to provide customers a level of assurance that the company is neither accessing nor collecting sensitive customer data when the service is implemented. Understanding this demand – as well as the prohibitive nature of trying to assess its cloud environment in a manual fashion – led H3 to implement APIA to assess and summarize privacy risk for its customers.
For H3 Solutions, APIA provides the necessary risk validation to its customers that their data is safe when using the cloud-based Mobile Entrée 365. The solution represents not only an automated, efficient means to conduct assessments, but one in which the risk of human error inherent in manual processes can be reduced across the board. To learn more about how H3 Solutions is using APIA, read our
case study.
Done properly, a risk assessment gives organizations a clear view of variables to which they may be exposed, whether internal or external, and at any point in the past, present, or future. A good assessment is centered on the organization’s defined risk appetite and tolerance, and provides a basis for determining risk responses. APIA provides a platform of automated questions and answers, robust workflow including reminders and alerts, and detailed stakeholder reporting – all the right ingredients for a successful assessment.
Beyond its ability to automate traditional PIAs, the possibility of extending APIA’s functionality to evaluate, assess, and report on risk, security, and vulnerability (among others) makes the solution incredibly valuable to organizations in all industries worldwide. To begin using the system today,
download APIA for free from our exclusive distributor the International Association of Privacy Professionals (IAPP).
For those at
Microsoft Worldwide Partner Conference 2014 this week, be sure to stop by and ask about APIA at booth 725!