Sign In
An innovative technology management consulting firm
providing a unique blend of premium IT services.

Contact Us|Investor Relations
Skip navigation links
About Us
Services
Capabilities
Industries
News & Events
Careers
Skip Navigation Linksedgewater.com > Industries > Financial Services > Personally Identifiable Information

Personally Identifiable Information (PII) Risk Assessment


Today’s business environment demands improved customer information security and protection. Regulatory scrutiny and competitive pressures emphasize the importance of taking action. To meet these demands, taking steps to assess, remediate and monitor threats to nonpublic customer information is imperative. Customer confidence is severely damaged for organizations who report breaches in their customer information security measures. Therefore, organizations must be able to ensure they are taking all the appropriate actions to secure and protect their customers’ Personally Identifiable Information (PII).

Has your organization considered the following questions:

  • Do your daily operations involve processing, storing, or transmitting customer PII? 
  • Have you evaluated your risk exposure? 
  • Have you considered business processes across the company & their supporting systems?
  • Have you developed internal controls to help protect this information?  
  • Do you have a focused approach to further enhance your control environment?  
  • Have you identified the costs (financial and operational) to contact every customer in the event of a breach in customer PII?

Organizations face common challenges related to safeguarding customer PII in today’s environment:

Competitive
Environment

Regulatory
Compliance

Business
Operations

  • Mounting customer concern regarding protection of private information 
  • Investigation of compliance with regulatory guidelines & objectives
  • Questions around tracking customer PII – within business processes & systems
  • Emerging challenges to protect customer information
  • Increasing legislation requiring disclosure of information breach
  • Queries of how third parties are protecting customer PII

 

Edgewater PII Risk Assessment – Approach:
  • Work with management to define specific scoring and weight of Edgewater PII components
  • Perform inventory of organization’s departments, processes, sub-processes, supporting systems, and third-party vendors involved
  • Assess inherent risks to PII and evaluate relevant internal and external threats 
  • Evaluate existing mitigating controls for defined high risk areas within business processes and systems
  • Detail resulting Edgewater PII Score
  • Provide actionable recommendations to mitigate residual risk
  • Reevaluate controls on a periodic basis
  • Edgewater PII Risk Assessment

Edgewater PII Risk Assessment – Benefits:

  • Gain cross functional view of movement / management of PII within company;
  • Position organization to meet regulatory requirements;
  • Utilize a consistent, defined methodology to show “reasonable effort” at safeguarding PII;
  • Understand inherent and residual risk exposure to internal and external threats;
  • Identify residual high risk processes and develop a focused mitigation approach; 
  • Mitigate the organization’s reputational, financial, and operational risks; and
  • Provide baseline scoring mechanism that can be benchmarked over time.


An Edgewater PII Risk Assessment provides a framework for identifying and mitigating organizational risks to safeguarding customers’ personally identifiable information. 

To learn more about Edgewater’s PII Risk Assessment, contact us at 800-410-4014 or email at makewaves@edgewater.com