The Risk, Privacy, and Data Workflow Basics of BeyData Librarian

BeyData LibrarianBeyData Librarian is a Risk Management System that empowers organizations to build and maintain a catalog of all their data flows, PII processing, and risk assessments. By creating a scalable and repeatable processes it enhances the building and maintaining of Data Inventory Catalogs with Workflow and Data Flow Diagramming. The system is designed for small-medium businesses, consultants and enterprise organizations. Great effort was taken in allowing non-technical users to use the system to meet and exceed regulatory requirements, to keep and maintain accurate records of the data that they process, and to document their procedures and technical controls for addressing privacy and security risk.

BeyData Librarian uses a Drag and Drop user interface that creates a core group of processes that empower non-technical compliance officers, systems owners or business users to easily create, view and work with their risk assessments.  Anyone familiar with basic flow or data charting/diagramming will have no problem using the software. BeyData Librarian allows users to rapidly automate and build out workflows to reflect existing manual processes in an extremely timely manner.

The system utilizes core building blocks designed for ease of use, so that users can Build Once, Re-Use Often”. BeyData Librarian allows users to create an initial set of workflows based on the regular nature of their business. These workflows can include; inventory of data, systems identification, processing activities and associated task management, required documentation, risk assessments and approval chains.  Once these workflows have been developed they can be called and/or re-used as the components for all Privacy, Security or Risk Assessments across the organization.

In this way, rather than building a new workflow for every processing activity, organizations can scale their efforts. This “tool-kit” then becomes the core components for most of the processing activities within an organization. As most processing activities fall into a grouping of categories, this allows BeyData Librarian users to easily scale their efforts across an enterprise.  For non-identical but similar processes, BeyData Librarian cloning allows the organization to benefit from work that has already been done in the system, eliminating the need for repetitive data entry, but ensuring approval and review at every step required for accuracy.

BeyData Librarian uses optional Script Objects to control flow and to set workflow variables to some value via an expression. Script Objects allow the system, for example, to keep a running “risk count” that can trigger branching logic to require additional information, new approvals and/or to recommend technical controls.  These Objects are not required but are available and can provide great flexibility.

Workflows Tasks and Approvals can be automated and decentralized so that all necessary stakeholders can provide their input into the final risk assessment.  Task management can not only be predefined in the system, but more importantly can be addressed on an adhoc basis (based on user permission) so that the system can document and address both expected and non-expected risk appropriately.

So, for example, if in responding to a risk assessment, a new variable, not previously defined in the system, is introduced, a new workflow or automated alert can be automatically triggered.  It can also be assigned based on the workflow itself (i.e. does the CPO or CISO team respond to a question on controls within the system). This can be automated for system or data set or modified as necessary using “Flow Scripts” which allow for automated “exception handling” to previously defined logic.

Decisions can also be automated in the system based on predefined workflows utilizing Decision Objects. Decision Objects enable condition based actions or recommendations to control the flow of a risk assessment. For example, “Is my data stored in the Cloud” or “Am I collecting Sensitive PII as defined under the EU General Data Protection Regulation”?  Approvals can be implemented at the task level or at the assessment level.

BeyData Librarian provides the necessary level of simplicity, power and scale to support effective business processes for privacy and security risk management, and to document accountability for internal and external stakeholders. This system of accountability provides true ability for organizations to build a repeatable process for implementing a risk-based approach for data protection.

The following is a partial listing of the  main types of Objects in the system:

  • Script Objects – The Script Objects can be used to set variables or other code and variables to be used by the workflow.
  • Connector Lines – There are multiple types of connections that can Used, all to add both readability and functionality, they include but are not limited to; Source and Target Connectors, Branches. Joins, Arcs, and side connectors are also included.
  • Mail Objects – A mail system that allows for alerting based on conditions that allow for variable driven alerts, warnings and messages.
  • Task Objects – The task object is either a simple or complex object that can complete one or multiple grouped tasks, each task can allow or deny attachments and multiple allowed uses of attachments. Each task can allow additional fields to be added dynamically which are NOT predefined by the system. Approval types can be customized by the system and of course task expiration guidelines can be set.
  • Approval Object – Similar to the task object but with a single purpose of approval of a stage versus one to many tasks.
  • Decision Object – Allows for a conditional Expression to control the flow of the risk assessment
  • Canned Database Objects allow for Specific Updating of the associated risk database
  • Workflow Object – The Workflow object allows you to call one or many workflows from a workflow.
  • Flow Scripts – on connectors one can add a flow script, this allows you to set a variable conditionally and branch to a certain location in the flow based on that variable.

For more information on BeyData Librarian or to schedule a Demo please send a request to Sales@beydata.com

Product Information Pagehttps://beydata.com/librarian.html