This tool includes business risks related to privacy/data protection and accumulated privacy standards, defines the role of chief privacy officer, and also contains questions for a committee audit.
Sample questions include: Does the organization operate in any areas of the world where it is required to comply with privacy laws and regulations protecting the rights of the citizens in those jurisdictions? Does the organization have privacy and data protection risk management processes in place?