The various Data Regulations that your business needs to comply with present numerous risks that you need to identify, quantify, mitigate and report to stakeholders. At Davies March we use the framework below to help clients address these requirements and have assembled a tool and data sets to accelerate your Risk Management strategy.
Risks Visualisations
At the top of the framework are the visualisations that summarise all of the risks by their impact on the business and how risk impacts are being mitigated by the controls and future actions.
Regulations
Understanding Obligations
An efficiency challenge for organisations is understanding and communicating the obligations of data regulation (e.g. GDPR, ePrivacy, BCBS239, PECR). This is often borne out by the length and format of regulations, which make it difficult to:
a) Find the clauses, articles, paragraphs, sub-paragraphs that are relevant to your business.
b) Present the obligations in a structured fashion so that teams can work through them.
c) Identify the penalties and fines and the obligations to which they apply.
To accelerate this, Davies March has built regulation data sets formatted to address these issues.
Overlapping Regulation
As data volumes and capabilities have grown, so has the attention of regulators looking to ensure accurate financial reporting, robust risk management, and protections for consumers, clients and data subjects. As a result, many of the data regulations you should be complying with have overlapping sections; for example, GDPR, PSD2 and ePrivacy all discuss obligations around consent.
To improve time to compliance, Davies March has prepared a number of data sets flagging where regulations overlap. These can be loaded into the Data Regulation Risk management application.
Risks
Having broken the regulation down into its constituent obligations, risks can be developed with probability and impact relative to your business applied. The Data Regulation Risk management application allows you to create and manage these risks in a number of simple and intuitive ways.
Risk Mitigations
Having identified and quantified the Gross Risk presented by the Data Regulations, the Application allows for the Net Risk to be calculated when appending the Controls, and the Forecast Risk when appending the Actions.