Qualys recently announced new functionality in its Security Assessment Questionnaire (SAQ) Cloud App that allows customers to better achieve visibility of data across their own network and supply chain for compliance with GDPR.
The new GDPR-specific SAQ templates and a purpose-built dashboard allow customers to reduce the cost and effort of risk assessment to determine the status of their own business and procedural readiness for GDPR, as well as that of vendors in their supply chain.
SAQ will also offer customers a single dashboard from which to launch GDPR campaigns, manage new GDPR templates, and manage risky third-party vendors. This new tool will simplify the execution and management of GDPR vendor risk assessments by saving time and effort. With a single pane of glass for all GDPR-related assessments, customers can launch new GDPR assessments using the SAQ templates within a matter of minutes and a few clicks. Information on the status and aging of all assessments, vendor risk data along with risk scoring will be available on this dashboard.
Philippe Courtot, chairman and CEO at Qualys said “Our latest SAQ capabilities aim to streamline many of the mundane tasks for GDPR compliance and help customers document the security posture of both third-party vendors as well as their own, ultimately strengthening their cybersecurity practices and safeguarding customers’ data across on-premises, endpoints, mobile and cloud environments.”
Each of the seven new questionnaire templates spells out GDPR requirements in granular detail and helps teams assess their business readiness for GDPR compliance:
- GDPR Business Readiness Self-Assessment: Designed to identify key areas where operational changes will be required, and to assist the organization in prioritizing efforts for GDPR compliance.
- GDPR Data Inventory and Mapping: Helps in assessing the process to identify, locate, classify and map the flow of GDPR-protected data.
- GDPR Accountability and Responsibility Assessment: Helps in assessing the process of accountability and responsibility in terms of data governance as per GDPR requirements.
- GDPR Data Privacy Assessment in Operations: Focuses on assessing appropriate technical and organizational measures to protect EU residents’ personal data from loss or unauthorized access or disclosure.
- GDPR Third-Party Vendor Assessment: Helps to identify and assess the requirements of third-party vendors with which you share personal data of EU residents.
- GDPR Data Incident and Breach Notification Assessment: Helps in the assessment of GDPR’s data breach notification and communication requirements.
- GDPR Data Protection and Privacy Impact Assessment: Helps organizations in the assessment of the privacy risks and data protection safeguards of new projects
The SAQ GDPR-specific templates are available to customers today. The SAQ GDPR-specific dashboard will be available to customers in August.