Over the years, solutions to address potential Privacy, Compliance and Data Security risks have been implemented in isolation. The PCDS concept of 3-in-one is meant to help privacy, security and compliance professionals in every industry identify their individual roles within a specific project and recognize the codependence of each risk component and the synergy it creates, without isolating the roles in the overall solution. While we acknowledge the need to allow each of the three disciplines to assess and resolve the problems relating to its own area, a unified solution would achieve the following:
- Reduce resource duplication
- Achieve a holistic solution that resolves a business's overall strategic problem
- Reduce cost and time spent on implementing solutions
- Deliver quality, sustainable solutions rather than reactive, incident-prone solutions
Though the three risk components are interdependent, they have separate enforcement agencies with different objectives, goals and risk assessment tools. Each of the three requires a specialist or Subject Matter Expert (SME) to implement it and support ongoing operational needs. PCDS encourages each specialist to recognize the synergy and the role of each dependent variable and to respect its influence in the risk solution architecture.
Any risk solution that fails to employ the three dependent variables is not holistic and must be reassessed.
Due to the specialized skills and knowledge required to assess and implement a risk framework, it is highly recommended that no single individual conduct the Security, Privacy and Compliance Risk Assessment.
PCDS recommends interoperability, appreciation, recognition and respect of each component's assessment of risk, without influence, intimidation or overlapping of roles.