Data Trust Score (DTS) is a measure of the effectiveness of compliance of an organization to data protection law as assessed by an auditor. This brings visibility to the common man of how reliable are the data protection measures in an organization. It also brings accountability to the data audit system by requiring the auditor to convert the subjective assessments to a common objective number.
In the Corporate and Investment world, “Credit Rating” is a common measure of the safety of investment in an instrument and has been widely used. DTS now brings this concept to the world of “Personal Data” which is like a currency which public invest and Data Fiduciaries collect and use for generating business revenue.
Naavi has been working on developing a DTS system based on the PDPB 2018 which later became PDPB 2019 and now referred to as DPA2021 (or DPB 2021). In this process, Naavi developed a framework referred to as “Data Protection Compliance Standard of India” (DPCSI) which incorporates the best of the various frameworks for implementation of ISMS or PIMS and extends it with some other unique concepts.
Now, Naavi has tried to simplify the process of DPCSI audit by enabling DTS evaluation online. This online DTS computation has been enabled by Ujvala Consultants Private Limited. The process is enabled as a “Self Evaluation” based on certain assessment questions, submitted for review to Ujvala Consultants for validation. Validation can be further strengthened by review of policy documents into a summary assessment of DTS. Finally the system merges with a Certifiable audit by a FDPPI certified auditor.
The online Link to self assessment will be available on the payment of a prescribed fee.
The assessment goes through different steps as explained below and covers five responsibility centers in the organization namely,
1.Management (MIS 1-15)
2.DPO (MIS 16-24)
3.Legal (MIS 25-26)
4.HR (MIS 27-30)
5.IT (MIS 31-50)
General Instructions for use of the “My DTS” system
The assessment has been divided into five sections corresponding to the five different responsibility centers, so that different representatives of the company can complete the assessment in each of the sections. Each section covers the Implementation Specifications related to the specific responsibility center. The user is expected to complete the questionnaire with reference to the current practices in the organization.
The questionnaire consists of one or more questions related to each of the Model Implementation Specifications followed by a self assessment of an evaluation score for the specific implementation specification on a scale of 1-10. For each assessment, a list of documents referred may be indicated.
When these individual scores for each implementation specification is totalled, one arrives at the total score for the section.
It is envisaged that each section would be completed by a designated person.
The completion of the questionnaire can be stopped and continued as per the convenience of the responder. It can be reviewed internally before it is finally committed for submission.
The summation of the assessment scores for each of the five sections provides the first raw estimation of DTS of the organization based on self declaration.
When this assessment is submitted to Ujvala, Ujvala will apply a weightage system and compute an “Adjusted DTS” and communicate it to the organization along with some critical recommendations if any for further action. A Certificate would be issued in support of this “Self Assessment”. A general feedback on the next action required will also be provided by Ujvala along with the self assessment certificate.
Pingback: Professional | The Man with the Mission