Custom Writing Service-Are Privacy Impact Assessments (PIA) useful as a risk management tool?
Are Privacy Impact Assessments (PIA) useful as a risk management tool?
A client has asked your cybersecurity consulting firm to provide it with a white paper which discusses the usefulness of Privacy Impact Assessments (PIA) as a risk management tool. The purpose of this white paper is to inform attendees at an inter-agency workshop on writing Privacy Impact Assessments for their IT investments. PIA’s are required by the E-Government Act of 2002 and must be submitted to the Office of Management and Budget (OMB) each year by agencies as part of their E-Government Act compliance reports. OMB, in turn, forwards a summary of these reports to Congress as part of the administration’s E-Government Act Implementation Report. See the Week 1 readings for copies of the legislation and a recent implementation report.
Research how Privacy Impact Assessments are used by Chief Privacy Officers at the federal agency level and in the Executive Office of the President (Whitehouse) to manage risk by ensuring that personally identifiable information is handled in accordance with the requirements of federal law.
Find three or more additional sources which provide information about best practice recommendations for managing risks related to privacy and/or ensuring the privacy of information processed by or stored in an organization’s IT systems and databases. These additional sources can include analyst reports and/or news stories about recent attacks / threats, data breaches, cybercrime, cyber terrorism, etc. which impacted the privacy of individuals whose information was stored in federal IT systems and databases.
Write:
Write a two to three page summary of your research. At a minimum, your summary must include the following:
An introduction or overview of privacy which provides definitions and addresses the laws, regulations, and policies which require federal IT managers to protect the privacy of individuals whose information is processed or stored in federal IT systems. This introduction should be suitable for an executive audience.
A separate section which addresses the contents of Privacy Impact Assessments and how they are used to assess and monitor risks associated with personally identifiable information.
An analysis of whether or not privacy impact assessments provide useful information to Chief Privacy Officers, agency heads, OMB Staff, White House Staff, Congressional Committees and their staff members, and Members of Congress (Representatives & Senators).
A discussion of best practice recommendations for reducing risk by improving or ensuring the privacy of information processed by or stored in an organization’s IT systems and databases. These recommendations should be well supported by information from your research.
A closing section in which you summarize your research and your best practice recommendations.