Data Mapping

Data is the lifeblood of your organization, but it's impossible to protect if you don't know how it flows. Data mapping is the first and most important step in protecting your critical data assets.
The Key to Data Protection

The Key to Data Protection

Understanding how your company collects, processes, transmits, and stores data – as well as how it’s used and who uses it – is the foundation of your data privacy program and the key to complying with most privacy regulations. Yet the exact movements of sensitive data are often poorly understood, providing unknown exposure points and increasing the risk of data loss. Our data mapping exercise helps you make strategic decisions around regulatory compliance, cross-border data transfers, and risk mitigation efforts.

Our Approach

To provide visibility into the life cycle of your sensitive data, Focal Point's data inventory and­ information mapping methodology includes four key phases:

Phase 1

We put your existing policies and procedures under the microscope, refining the scope of our discovery sessions. Understanding your current governance program helps create a rough picture of data usage and controls.

  • Policy evaluation
  • Procedure examination
  • Understanding of current program

Phase 2

Using various tools, we distribute questionnaires to employees, end users, and third parties to gain insight into the day-to-day handling of sensitive data, as well as uncovering hidden data sources that may expose the company to risk.

  • Questionnaire design
  • Questionnaire distribution
  • Questionnaire monitoring

Phase 3

We interview key stakeholders to further refine the understanding of the information lifecycle, current data management practices, and the sensitive information within the organization.

  • Stakeholder interviews
  • Better understanding of information lifecycle
  • Lifecycle documentation

Phase 4

Our team builds a master repository of information lifecycle details. It includes data element types, collection mechanisms, transfers, privacy and security practices and transfers to third parties. We evaluate the strength and effectiveness of controls and safeguards in place and establish a sensitivity index to focus on areas of highest privacy and security risks.

  • Master repository
  • Data mapping lifecycle
  • Opportunities for improvement

Different from the Rest

At Focal Point, we take a different approach to managing privacy risk.

Varied Experience

Our team has provided data mapping services to support a variety of strategic initiatives - from digital transformation projects to privacy program design to regulatory compliance.

Proprietary Toolkit

Leveraging our deep data mapping experience, our team has built a customized tool for surveying data owners, processing the results, and visualizing your complete data flow.

Actionable Takeaways

We understand that data mapping is often just the first step in a long journey. Our team of experts in digital transformation, data privacy, and cybersecurity can help you prepare for what comes next.