OneTrust unveils its impact analysis model based on the CNIL’s PIA methodology: Order your free tool today
June 2020 by Marc Jacob
OneTrust announces the completion of the OneTrust impact analysis model, now fully aligned with the CNIL’s PIA methodology.
Indeed, the complexity related to impact assessments begins upstream of the exercise, by identifying the processing that requires a PIA to be carried out. Once the process has been initiated, it is necessary to be able to support the business manager in carrying out this assessment, to involve various stakeholders inside or outside the organization, to centralize all these exchanges, to identify the measures to be put in place to secure the data and the action plan to bring the processing into compliance with the principles of the GDPR... A long and complex exercise. OneTrust offers you a PIA model based on the CNIL’s methodology, which will enable you to simplify this exercise thanks to the combination of high-performance technology, automation and exceptional legal content.
Features:
Integration of CNIL’s PIA methodology
• Context analysis
• Analysis of compliance with the fundamental principles of GDPR
• Compliance Action Plan
• Risk analysis according to the EBIOS method
• Inherent and residual risk
• Monitoring of risk treatment
• Automatic update of processing records and data mapping
Athena supports you in the analysis and follow-up process
• Preliminary analysis and automatic PIA generation
• Automatic identification of compliance deviations
• Automatic suggestion of action plans
• Integrated library of ISO 27001 & 27701 measures and controls
• Automatic generation of in-depth evaluations
• Periodic review automatically generated according to the risk level of a processing activity
Ease of use
• Mobilization of internal and external stakeholders
• Centralized communications
• Generation of user notifications
• Simple formulations for GDPR beginners
• Advice and help with completion
Exceptional methodological and legal content
• Based on CNIL’s PIA guidelines
• Integrated GDPR & Loi Informatique et Libertés requirements
• Integrated EDPB (CEPD) guidelines
• Integration of CNIL knowledge bases
• Integrated library of ISO 27001 & 27701 measures and controls
• Content updated monthly to take into account French and international regulatory developments