Aunt Bette's Homemade Pecan Pie |
Rockin’ Rocky Road Ice Cream |
Tom’s Heavenly Apple Strudel |
Joe’s Divine Butter Tarts |
Which statement better describes the current state of the Privacy Information Management System (PIMS) in terms of the context, scope and leadership support?
There is no or minimal review of the organisation’s role as a PII Controller and/or PII Processor and determining the internal and external factors that could impact the PIMS outcomes.
The organisation understands its role as a PII Controller and/or PII Processor and has determined the applicable privacy regulations or contractual requirements.
There has been a formalised review of the internal and external factors that could impact the PIMS outcomes. The review was conducted through a close collaboration amongst key stakeholders of PIMS and has considered the interested party requirements.
The organisation’s Information Security and privacy context has been formally established. The PIMS scope has considered the organisation’s context, and there are established criteria to monitor and measure the scope’s effectiveness and relevance to the organisation’s context.
The organisation’s Information Security and privacy context has been formally established. The PIMS scope has considered the organisation’s context, and there are established criteria to monitor and measure the scope’s effectiveness and relevance to the organisation’s context. The management team regularly reviews the organisation’s context and the PIMS scope (Total Quality Management).
Evidence
-