INTELLILINK Personal Information Leakage Audit Service
Grasp, objectively evaluate and analyze the situation from the perspective of preventing leakage of personal information
Protection of personal information can be secured by a system that clearly defines the handling of information and maintains a proper organizational management system. The management system needs to be established from a business perspective (securing business balance), without only focusing on incorporating the guidelines and voluntary industry rules to meet legal obligations.
Issues and measures concerning prevention of leakage of personal information
Many of the incidents involving leakage of personal information are caused by violations of deviation from usual business practices and rules, which makes it difficult to initiate effective countermeasures.
Leakage of personal information by an insider or by human error is often observed in the current scenario; which is why it has become increasingly important to review how personal information is handled in every operation and establish an appropriate management system.
Current issues
- Which operational level can be considered as the appropriate management level?
- Is the management system sufficient enough to be applied in other scenarios in the world?
- How to manage information on distribution?
- Are there any unexpected risks?
Administrative measures
- Evaluate compliance to legal measures
- Assess the current situation and strengthen the management
- Review management in line with business reality
What is INTELLILINK Personal Information Leakage Audit Service?
Under the INTELLILINK Personal Information Leakage Audit Service, the personal information handled by the system and its distribution channels are identified. We prevent the occurrence of risks in handling the personal information and advise on improvement measures to enhance operational effectiveness through this service.
Compliance
- Act on the Protection of Personal Information
- JIS Q 15001
- Guidelines for Protection of Personal Information by the Ministry of Economy, Trade and Industry
- Information Security Audit Standards by Ministry of Economy, Trade and Industry
Operational appropriateness (validity)
- Handling and management of personal information
- Gap between rules and reality
- Security operations management level
Overview of INTELLILINK Personal Information Leakage Audit Service
Under the INTELLILINK Personal Information Leak Audit Service, the distribution channels of personal information in the target system are identified using an audit model diagram. In this service, we investigate deviations from audit standards and identify risks of personal information leakage.
INTELLILINK Personal Information Leakage Audit Service Flow
| Prior hearing | Implementation of audit | Report writing | Briefing |
|---|---|---|---|
| First, we identify what kind of information will fall under high risk information, such as information concerning the target organization and an overview of its operations. Then we prepare an audit plan. | We check the status of security by conducting interviews regarding the entire operation and examining records and documents. | Then, we analyze the evidence that forms the rationale of our audit opinion and prepare a report on the current situation, threats and areas that need to be reviewed. | The report indicates the problem areas and the reasons or rationale for determining them. We provide a report on the audit results and advise on how to improve operations. |