Repeatable and non-arbitrary approach to performing a compliance assessment.
The various components that we address are vast and sufficient. DFA Protect will provide suitably qualified resources to implement the technology and conduct the assessments.
Removes human error by having the appliance performing the technical data collection.
Allows flexibility in how to work with clients on performing compliance assessments. DFA can perform all three roles or divide the roles logically with the staff at the client’s site responsible for compliance.
Online Forms and Workspaces
Complete worksheets and forms to provide information that cannot be collected automatically. The human interface component to the process.
Augment Data found from Automated Scans
This covers the questions and answers about the client’s actual environment, users, and computers to provide details that cannot be gathered in an automated fashion.
Adds the workflow component to the exercise through links in emails informing the necessary role players when there are tasks that require their attention.
It assesses the compliance position and provides a document to show Auditors as a starting point to help them easily see how the organisation is going about compliance. Easy to use format and cross-references simplifes the Auditor’s process.
Evidence of Compliance
Gathers evidence into one document to back up the Auditor Checklists with real data.
Information Policies and Procedures
One of the first requirements is to have a P&P. Some organizations do not have one or at least one that conforms to compliance standards.
Looks for when you might need to update your compliance documentation to stay current.
Risk Treatment Plans
Track remediation efforts and provide a paper trail in the event of an audit or request for documentation.
Compliance standards require specific deeper scans looking for specific information. For GDPR, POPIA Compliance Manager helps identify where personal data resides.
External Vulnerability Scans
Identify weaknesses that an external attacker can exploit within a clients network.
Reports and documentation
Complete Audit trail of the process and evidence of compliance and risk assessments.
Comply with retention requirements and be able to demonstrate not just current compliance but ongoing compliance.
Performing compliance assessments cannot be done in a vacuum. Subject Matter Experts are often required to assist in completing worksheets, forms, and providing information that cannot be discovered automatically. DFA Protect provides a framework for inviting others to assist in the assessment process where applicable.
In-product guidance written by compliance experts helps to answer compliance related questions.
DFASolutions have a solution called DFA Protect that will address ICT POPIA requirements and it comprises of technology and of the human interface