KPMG Web Application Suite for Privacy

    KPMG Web Application Suite for Privacy is a web-based platform that is used for performing data and privacy compliance assessments

    A senior Indian male engineer is confidently posed in a high-tech workspace, showcasing professionalism and expertise amidst advanced technology and equipment.

    Introducing KPMG Privacy Compliance Suite


    Welcome to KPMG Web Application Suite for Privacy, a smart and proficient platform for performing data and privacy compliance assessments.

    KPMG Web Application Suite for Privacy has the following modules:

    Privacy Compliance Assessment

    1. Our privacy management framework ensures compliance with applicable privacy laws and regulations.
    2. Provides a consolidated overview of all the on-going and completed compliance assessments based on the framework, along with their status and completion percentage.
    3. Intuitive interface with search capabilities allows for effective identification of specific controls for effective analysis.
    4. Has the capability to provide a drilled down view of the compliance status for each of the privacy management framework domains.
    Privacy Compliance Assessment

    Privacy Maturity Assessment

    1. The privacy maturity model gives organisations the overall maturity score along with the score across all the 12 privacy domains.
    2. The organisation can be benchmarked against different clients against all the 12 privacy domains.

     

     

     

    Privacy Maturity Assessment

    Data Protection Impact Assessment

    1. Provides progress status of every control tested within the assessment.
    2. The detailed questionnaire for every sub-process of an organisation is captured. It can be customised based on every client requirement.
    3. The compliance score and completion status are showcased for every process and sub-process.
    4. All the non-compliant controls associated flow into the assessment issues module and can be tracked to closure.
    Data Protection Impact Assessment

    Vendor Privacy Assessment

    1. Vendor privacy assessment (VPA) offers a range of existing modules that can be utilised to create a framework and KPMG in India has the flexibility to customise it.
    2. Heatmap of VPA domains provide a drilled down view of the compliance status.
    3. Selection of specific or all controls from different VPA modules create a customised framework.
    4. Reports for every VPA conducted can be downloaded.

     

    Vendor Privacy Assessment

    How can we help?

    KPMG Web Application Suite for Privacy is the privacy assessment tool, built by KPMG in India to make privacy assessments efficient.

    1. The web-based interface enables access through a URL, eliminating the need for software download.
    2. The tool assigns roles with specific privileges, ensuring only relevant data is visible to each role, improving security control.
    3. The tool has an easy-to-use UI/UX and follows a top-down approach to create a relationship between every functionality.
    4. The tool provides templates to eliminate the tedious task of creating multiple excel sheets, reducing effort and providing efficient templates for different organisations.

    a

    KPMG in India’s privacy experience in privacy compliance

    Key potential benefits of using KPMG Web Application Suite for Privacy:

    Competitor analysis

    We are the pioneers among the major professional services firms in India to have a home-grown privacy-enhancing technology(PET)

    a

    CSR

    Every year, KPMG conducts the Global Cyber Day to educate school children, teachers, and parents on cyber security with due focus on data privacy

    b

    Data localisation

    The platform will be hosted in India; hence, would adhere to any data localisation requirements that may arise                                          

    c

    Digital Personal Data Protection Bill (DPDPB) ready

    he tool has the required framework and modules tailored to the bill available to help clients be compliant               

    a

    Key features

    The platform adheres to security controls such as encryption, access management, audit logging, system hardening, network security, etc.

    b

    A tool for all

    Along with established organisations, this platform can be utilised by startups and empowers novice users while embarking on their privacy journey.

    c

    The principles behind our tool

    work

    Alignment with business objectives

                                                                                    

    change_circle

    Flexibly adapt in line with your changing business

                                                                                 

    leaderboard

    Covers Regulatory, Statutory and Leading Industry Practices

                                                                                 

    store

    Scalable and flexible for global markets

                                                                        

    security

    Encompasses Privacy, Data Protection, Contractual controls

                                                                     

    vrpano

    Integrate with your existing technoology landscape

                                                                                    

    summarize

    Analysis, reporting dashboards and metrics

                                                                                    

    cloud

    On-premise and the cloud models

                                                                     

    Security Features

    Role Access

    1. System functionalities are configured with role-based access.
    2. Roles can be configured to modify the underlying functionalities, by the Admin.
    Secure Access

    Application access is protected with multiple secured layers.

    1. Application configured with SSL certificate.
    2. Application Gateway validate all requests and allow valid ones only.
    3. Users access the application via secured layer.
    4. Implemented 2 factor authentication for validating the user.
    audit logs

    1. Audit logs for all transactions such as assessments and issues.
    2. Audit logs can be retrieved based on search criteria.

    Data on Transit - All data will be encrypted and transfered over HTTPS protocol.

    Data at Rest - Sensitive data including passwords are encrypted and stored in database.

    1. Server/Infrastructure hardening is being done as per Microsoft best practices.
    2. Vulnerability assessment and penetration testing is performed for all releases and annually.

    1. System doesn't request/capture any PII data.
    2. Azure backup & recovery services are enabled.

    Solution Uniqueness

    • Privacy maturity assessment and benchmarking with industry peers across the globe
    • Bringing in our consulting and technology experience for solutioning and execution
    • Platform adoption and implementation is flexible to customisatons and cost effective
    • Exploring AI/ML to support clients in recommending suitable privacy practices
    • The report generated by the system highlights the details of the user and controls completion status for assessments (both online and offline)
    • Sub-process level risk ratings and scoring mechanisms

    Key Contact

    Atul Gupta

    Partner and Head - Digital Trust and Cyber

    KPMG in India

    Connect with us

    Contact our specialists for more information

    connect with us