Data Protection Program
Photo Gallery
 |
Data Protection Program
Additional Info
| Company | Technology Oversight & Coordination - Saudi Aramco |
| Website | https://www.aramco.com |
| Company size (employees) | 500 to 999 |
| Headquarters Region | Middle East |
Overview
The building blocks for having an effective and efficient Data Protection Program are as follows:
1. Management commitment and responsibility.
2. Essential data protection functions:
Information Asset Management
Risk Assessment
Risk Treatment
Data Protection Awareness
Reporting Information Security Observations
Access Control & Access Reviews
Data Backup and Retention
Business Continuity Planning
Software Management
Data Protection Reviews
Compliance Management
Corrective and Preventive Action
Physical Security
External 3rd Party Security
3. Resources such as qualified and competent ISA and Assistant ISA (as required by GI.710.015), subject matter experts (SMEs), and inspection teams are required to successfully establish, execute and manage the Data Protection Program
4. Data Protection Program KPIs (Key Performance Indicators) to gauge the maturity, progress and state of the Data Protection Program.
5. Data protection performance reporting to provide insight into the results and status of the Data Protection Program for decision making.
How we are different
The Data Protection Program provides the following benefits to the business organizations within Saudi Aramco:
Brings the focus on information protection within the organization.
Changes the organization’s approach to information protection from reactive to proactive.
It is a simple-to-use program that is aligned with Saudi Aramco and international best practices.
Provides enhanced coverage of information assets, which are critical to the organization.
By implementing a wide range of administrative, physical and technical controls it provides enhanced information protection for the organization.
