KPMG Web Application Suite for Privacy

KPMG Web Application Suite for Privacy is a web-based platform that is used for performing data and privacy compliance assessments

A senior Indian male engineer is confidently posed in a high-tech workspace, showcasing professionalism and expertise amidst advanced technology and equipment.

Introducing KPMG Privacy Compliance Suite


Welcome to KPMG Web Application Suite for Privacy, a smart and proficient platform for performing data and privacy compliance assessments.

KPMG Web Application Suite for Privacy has the following modules:

Privacy Compliance Assessment

  1. Our privacy management framework ensures compliance with applicable privacy laws and regulations.
  2. Provides a consolidated overview of all the on-going and completed compliance assessments based on the framework, along with their status and completion percentage.
  3. Intuitive interface with search capabilities allows for effective identification of specific controls for effective analysis.
  4. Has the capability to provide a drilled down view of the compliance status for each of the privacy management framework domains.
Privacy Compliance Assessment

Privacy Maturity Assessment

  1. The privacy maturity model gives organisations the overall maturity score along with the score across all the 12 privacy domains.
  2. The organisation can be benchmarked against different clients against all the 12 privacy domains.

 

 

 

Privacy Maturity Assessment

Data Protection Impact Assessment

  1. Provides progress status of every control tested within the assessment.
  2. The detailed questionnaire for every sub-process of an organisation is captured. It can be customised based on every client requirement.
  3. The compliance score and completion status are showcased for every process and sub-process.
  4. All the non-compliant controls associated flow into the assessment issues module and can be tracked to closure.
Data Protection Impact Assessment

Vendor Privacy Assessment

  1. Vendor privacy assessment (VPA) offers a range of existing modules that can be utilised to create a framework and KPMG in India has the flexibility to customise it.
  2. Heatmap of VPA domains provide a drilled down view of the compliance status.
  3. Selection of specific or all controls from different VPA modules create a customised framework.
  4. Reports for every VPA conducted can be downloaded.

 

Vendor Privacy Assessment

How can we help?

KPMG Web Application Suite for Privacy is the privacy assessment tool, built by KPMG in India to make privacy assessments efficient.

  1. The web-based interface enables access through a URL, eliminating the need for software download.
  2. The tool assigns roles with specific privileges, ensuring only relevant data is visible to each role, improving security control.
  3. The tool has an easy-to-use UI/UX and follows a top-down approach to create a relationship between every functionality.
  4. The tool provides templates to eliminate the tedious task of creating multiple excel sheets, reducing effort and providing efficient templates for different organisations.

a

KPMG in India’s privacy experience in privacy compliance

Key potential benefits of using KPMG Web Application Suite for Privacy:

Competitor analysis

We are the pioneers among the major professional services firms in India to have a home-grown privacy-enhancing technology(PET)

a

CSR

Every year, KPMG conducts the Global Cyber Day to educate school children, teachers, and parents on cyber security with due focus on data privacy

b

Data localisation

The platform will be hosted in India; hence, would adhere to any data localisation requirements that may arise                                          

c

Digital Personal Data Protection Bill (DPDPB) ready

he tool has the required framework and modules tailored to the bill available to help clients be compliant               

a

Key features

The platform adheres to security controls such as encryption, access management, audit logging, system hardening, network security, etc.

b

A tool for all

Along with established organisations, this platform can be utilised by startups and empowers novice users while embarking on their privacy journey.

c

The principles behind our tool

work

Alignment with business objectives

                                                                                

change_circle

Flexibly adapt in line with your changing business

                                                                             

leaderboard

Covers Regulatory, Statutory and Leading Industry Practices

                                                                             

store

Scalable and flexible for global markets

                                                                    

security

Encompasses Privacy, Data Protection, Contractual controls

                                                                 

vrpano

Integrate with your existing technoology landscape

                                                                                

summarize

Analysis, reporting dashboards and metrics

                                                                                

cloud

On-premise and the cloud models

                                                                 

Security Features

Role Access

  1. System functionalities are configured with role-based access.
  2. Roles can be configured to modify the underlying functionalities, by the Admin.
Secure Access

Application access is protected with multiple secured layers.

  1. Application configured with SSL certificate.
  2. Application Gateway validate all requests and allow valid ones only.
  3. Users access the application via secured layer.
  4. Implemented 2 factor authentication for validating the user.
audit logs

  1. Audit logs for all transactions such as assessments and issues.
  2. Audit logs can be retrieved based on search criteria.

Data on Transit - All data will be encrypted and transfered over HTTPS protocol.

Data at Rest - Sensitive data including passwords are encrypted and stored in database.

  1. Server/Infrastructure hardening is being done as per Microsoft best practices.
  2. Vulnerability assessment and penetration testing is performed for all releases and annually.

  1. System doesn't request/capture any PII data.
  2. Azure backup & recovery services are enabled.

Solution Uniqueness

  1. Privacy maturity assessment and benchmarking with industry peers across the globe
  2. Bringing in our consulting and technology experience for solutioning and execution
  3. Platform adoption and implementation is flexible to customisatons and cost effective
  1. Exploring AI/ML to support clients in recommending suitable privacy practices
  2. The report generated by the system highlights the details of the user and controls completion status for assessments (both online and offline)
  3. Sub-process level risk ratings and scoring mechanisms

Key Contact

Atul Gupta

Partner and Head - Digital Trust and Cyber

KPMG in India

Connect with us

Contact our specialists for more information

connect with us