Improve the integrity of Company data, resulting in greater accuracy, timeliness and quality of information for decision-making.Įstablish standard definitions for critical Company data to promote data integrity and consistency.ĭefine Company policies relating to how data should be managed with respect to data subject requests for inspection, portability, or erasure.ĭirector of Technology (DoT) – The DoT is responsible for overseeing all Company activities related to the development, implementation, maintenance, and adherence to the organization’s policies and procedures affecting the privacy of, and access to, information belonging to or in the possession of the Company. Improve the Company's data security, including confidentiality and protection from loss. Improve ease of access and ensure that once data is located, users are able to interpret the data correctly and consistently. By adoption of this policy, the Company intends to:Įstablish appropriate responsibility for the management of data held by the Company as a Company asset. The Data Governance Policy addresses data governance structure, including but not limited to data access, data usage, and data integrity and integration. It is the goal of the Company to educate and train its employees on the elements of this policy in order to establish an appropriate security posture. The policies stated herein have been adopted based on a risk assessment of the Company, identifying its critical assets, potential threats, and developing mitigation strategies based on a cost/benefit analysis. The ultimate goal of this policy is to, where possible, limit access to data to only those persons who require access in order to perform necessary and authorized job functions, in accordance with the information security principle of least privilege, and manage data collection, processing, transfer, and storage compliant with state, federal, and international laws and regulations where applicable. However, different types of data have different degrees of sensitivity and confidentiality and should therefore be treated differently. The data held by the Company, whether in Information Systems or otherwise, is a valuable asset of the business and the Company has implemented information security policies to protect it. The objective of this policy is to establish a Data Governance and Classification program to protect the confidentiality, integrity, and availability of data collected by or held by BEAR COGNITION, INC (hereinafter “the Company”). BEAR COGNITION, INC – DATA GOVERNANCE AND CLASSIFICATION POLICY
0 Comments
Leave a Reply. |