secrets to success! accountability in global organizationssecrets to success! accountability in...
TRANSCRIPT
![Page 1: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/1.jpg)
![Page 2: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/2.jpg)
Secrets to Success! Accountability in Global
Organizations
Marisa Rogers & Jenifer Garone, Microsoft
Ruby Zefo, Intel
![Page 3: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/3.jpg)
AGENDA
• Accountability at the top
• Accountability across the business
• Assessments & Reporting
• Gaining Buy-In for Resources
• Remediation & Incident Response
![Page 4: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/4.jpg)
PRIVACY ACCOUNTABILITY FROM THE TOP
• Tone from the top
• Privacy ≠ Security.
vs.
![Page 5: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/5.jpg)
PRIVACY ACCOUNTABILITY ACROSS THE BUSINESS
• Policies, Tools & Training
vs.
![Page 6: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/6.jpg)
Services
Engineering Groups
HR, Finance,
Legal IT
Sales &
Marketing
The “hub,” Trustworthy Computing, is responsible for:
•Policies, Standards & Procedures (PSPs) •Training •Tools •Reporting •Capacity •Comms
The “spokes” are responsible for implementation and compliance with PSPs.
PRIVACY ACCOUNTABILITY AT MICROSOFT
TwC Privacy
Microsoft governs its privacy program using the “hub & spoke” model, with the corporate privacy team and Privacy Managers, Leads, & Champs in the organizations across the company.
![Page 7: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/7.jpg)
BRINGING A MATRIXED ORGANIZATION TOGETHER
Engineering Groups
Business Groups
Corporate Functions
Privacy Managers
Privacy Leads
Privacy Champs
Services
Engineering Groups
HR, Finance,
Legal IT
Sales &
Marketing
TwC Privacy
![Page 8: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/8.jpg)
BRINGING A MATRIXED ORGANIZATION TOGETHER
Engineering Groups
Business Groups
Corporate Functions
Privacy Managers
Privacy Leads
Privacy Champs
TwC Privacy
Privacy Managers
Privacy Leads
Privacy Champs
Privacy Managers
Privacy Leads
Privacy Champs
Privacy Steering Committee
Privacy Councils (e.g. marketing, advertising, enterprise, vendor)
Privacy Committees (e.g. training, career development, controls)
![Page 9: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/9.jpg)
PRIVACY ROLES
Requirements
•Review
•Approve
•Attest
•Consult
•Validation
Testing
•Test Plans
•UAT
Go/No Go
•Attend
•Vote
Deployment
•Review
•Approve
•Certify
•Consult
•Validation
Business Privacy Manager
Requirements
•Consultation
•Validation
Risk Mitigation
•Consultation
Deployment
•Approve
•Attest
Operate&Maintain
•Consultation
•Validation
•Risk Assessments
•SLT Reporting
•Contract Reviews
•Exceptions
•Policies&Standards
Issue Resolution
•Consultation
•Validation
•Escalations
MSIT Privacy Manager
Requirements
•Consultation
•Exceptions
•Policies&Standards
•Act as Business Privacy manager when gap exists
•MSIT and Business Privacy jointly approach TwC for guidance
Risk Mitigation
•Consultation
Deployment
•Consultation
•PERFs
Operate&Maintain
•Consultation
•Exceptions
•Policies&Standards
Issue Resolution
•Consultation
•Validation
•Escalations
•MSIT and Business Privacy jointly approach TwC for guidance
TwC Privacy
Scenario: Business is working with
MSIT SBU to create, design, deliver
applications & tools.
![Page 10: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/10.jpg)
PRIVACY TOOLS
PAM – PAGO review tool
IMS – Incident & Inquiry management tool
Contacts Tool – Coverage report by org
PrivPub
EGRC – Archer
Streamlined Risk Assessment (SRA)
![Page 11: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/11.jpg)
HOW DO I HANDLE AN EXCEPTION
REQUEST?
PRIVACY TOOLS
![Page 12: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/12.jpg)
QUIZ - TONE AT THE TOP
“If you have something that you don’t want anyone to know
maybe you shouldn’t be
doing it in the first place.”
“You have zero privacy anyway.
Get over it.”
“In reality, we wouldn't share your information in a way you wouldn't want ... The trust you place in
us as a safe place to share information is the most important part of what makes this work.”
![Page 13: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/13.jpg)
ASSESSMENTS/METRICS REPORTING
Everyone can do some metrics! Yes, you.
![Page 14: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/14.jpg)
EXAMPLE ASSESSMENT: PRIVACY ACCOUNTABILITY
Key: Green = Completed; Yellow = In Process; Red = At Risk
![Page 15: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/15.jpg)
EXAMPLE PRIVACY MATURITY ASSESSMENT
Pri
va
cy
Po
lic
ies
A
cc
ou
nta
bilit
y
Ide
nti
fy a
nd
Cla
ss
ify
Inc
ide
nt
an
d
Bre
ac
h
Res
po
nse
No
tic
e
Use
Ac
ce
ss
&
Ac
cu
rac
y
Tra
inin
g
Pri
va
cy b
y
Des
ign
3rd
pa
rty
tran
sfe
r
Inte
rnati
on
al
tra
ns
fer
Rete
nti
on
&
Dis
po
sa
l
Se
cu
rity
x x
x x x x x x
x x
4 - Managed
3 – Defined
2 - Repeatable
5 - Optimized
1 –Ad hoc
High
Low
Current Status = 2 Goal State = 3
Recommended minimum for processing XYZ data
Current Status = ~2 Goal State = 3
x
x
Subsidiary
![Page 16: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/16.jpg)
16
Creating a PAM Assessment
Policy Approval Manager
EXAMPLE PRIVACY IMPACT ASSESSMENT
![Page 17: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/17.jpg)
EXAMPLE PRIVACY PROGRAM METRICS
Metrics via Score carding
![Page 18: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/18.jpg)
EXAMPLE PRIVACY PROGRAM METRICS
Privacy Review volume - YOY
Org Engagement - June 2013
![Page 19: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/19.jpg)
EXAMPLE PRIVACY PROGRAM METRICS
217 174
0
100
200
300
400
July Aug Sept Oct Nov Dec Jan Feb Mar April May June
Privacy Program Monitoring Privacy Inquiries/Reviews
Volume YTD
![Page 20: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/20.jpg)
OBTAINING RESOURCES
What do all these have in common?
![Page 21: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/21.jpg)
REMEDIATION & INCIDENT RESPONSE
![Page 22: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/22.jpg)
MANAGING INCIDENTS
![Page 23: Secrets to Success! Accountability in Global OrganizationsSecrets to Success! Accountability in Global Organizations Marisa Rogers & Jenifer Garone, Microsoft Ruby Zefo, Intel . AGENDA](https://reader033.vdocuments.site/reader033/viewer/2022042805/5f62089685e8ca7d785a16e3/html5/thumbnails/23.jpg)
Privacy as a business enabler
Measure, measure, measure – people do what they’re measured on
Leveraging like-minded roles
Have a privacy elevator pitch!
KEY TAKEAWAYS