Scoring
See the Scoring Section in the DPDx Reporting Overview.
Working on audit sections
You will work on audit sections to address areas of risk that are uncovered in the audit report, and to address other issues. The next three subsections give instructions for working on sections from within the audit, as opposed to working from within the main topics in the DPDx app. Working through an audit gives you a shortcut into sections to work to remediate risk as you would from the main DPDx homepage. This user guide starts with basic functionality and will build into comparisons. So these next sections do not yet describe Comparison Audits.
Compliance section
This section provides the status of Compliance Audit tasks and risk scores. For this example, we will work on tasks in the compliance section Business Environment & Governance / Program Measurement. Note two things about the audit screenshots:
- There is not a previous audit being used for DPDx comparison
- The numbers circled indicate where differences will be seen later (for highlights only; this section is not an explanation of the “Comparison” feature)
While viewing our Real-Time Audit, we can work directly on issues that need our attention. We choose “Business Environment & Governance / Program Measurement”. View the audit and click on the section name within the audit.
A new tab opens directly in that section.
Now, from within that compliance section, you can work on the topic as you would from the DPDx homepage: tasks are assigned, given due dates and task statuses are updated. (See the User Guide chapter for Compliance Audit for instructions.) We update a few items here for the purpose of this example. Refer to the section below, Recalculate without a Comparison Audit, to see the results of our task updates.
Data Mapping section
This section provides the status of incomplete data mappings. Click on the Data Mapping tab to review that section.
For this example, we find that our data mapping is missing information on some Sensitive Personal Information Types (the column: # Sensitive PI, no lawful basis). We will add the legal basis for the data in Marketing & Sales>Customers / Clients. Note two things about the audit screenshots:
- There is not a previous audit being used for DPDx comparison
- The number circled indicates where we will see differences later (for highlights only; this section is not an explanation of the “Comparison” feature)
While viewing our Real-Time Audit, we can work directly on issues that need our attention. View the audit and click on the data mapping for Marketing & Sales>Customers / Clients within the audit.
A new tab opens directly in that section in data visualization. Reviewing the visualization may help you identify the issues.
TIP: The Validate button in Data Mapping may also help identify issues.
Next click on the Edit tab to change to the editing view.
The Data Mapping edit page appears. Note that the warning in the Status column may also help to identify issues.
We’ve determined that the missing data is in Marketing & Sales>Customers / Clients>Sales. Choose “Edit” on that item.
Now, from within the data mapping section, you can work on the topic as you would from the DPDx homepage. We will add the legal basis for the sensitive data. (See the User Guide chapter for Data Mapping for instructions.) Refer to the section below, Recalculate without a Comparison Audit, to see the results of our updates.
Other section
Audit results are produced for the following sections:
- Governance – completion status of governance documents
- Stakeholder Comms – employee/contractor status of policy acceptance
- Sharing Parties – completion status of Third Party/Sharing Party contracts
- Service Providers – completion status of Service Provider contracts
- DPIA – completion status of DPIAs
- DSAR – completion status of DSARs
- Breach – completion status of breach reports
Clicking on a section title opens a new tab directly in that section. From within that compliance section, you can work on the topic as you would from the DPDx homepage. Results of updates in these sections will mirror the updates that are described later in this section.
Recalculate without a Comparison Audit
The Recalculate feature will update the audit results to the point in time when the recalculation is done. The audit retains the same name, but the statistics from the creation or the prior recalculation are not saved. With “Recalculate”, the numbers will update in real-time, however there are no highlights to show the differences in the recalculated audit. The Recalculation timestamp is updated after you Recalculate.
TIPS:
- To highlight differences before and after changes: Use Comparison Audits
- To “lock” the audit results at a point in time: Mark as Complete. A Completed Audit cannot be Recalculated.
- For a historical snapshot, download an Excel sheet before you do a recalculation. This will help if you need to compare the same audit – before and after – in more detail, and can also help with troubleshooting. We suggest putting a date and timestamp in the downloaded file name.
Below are screenshots of before and after recalculations without comparison audit on the examples immediately above. The numbers showing changes are highlighted for this guide, but highlights do not appear on your screen. You can visually compare these numbers to downloads you have saved from prior to the Recalculation; otherwise you will not see differences.
Compliance – BEFORE Recalculate:
Compliance – AFTER Recalculate:
Data Mapping – BEFORE Recalculate:
Data Mapping – AFTER Recalculate:
After recalculation, you can download an Excel version of the updated audit for a historical snapshot and for comparison calculations. We suggest putting a date and timestamp of recalculation in the downloaded file name.