Protect your personal data

A privacy audit helps DPO to monitor the company’s privacy program and can meet regulatory and contractual obligations and enable the continuous improvement of implemented processes.
Thus, the DM11® approach covers an analysis of the implemented controls for personal and privacy data protection, based on ISO 27001 and 27701 information privacy management standards.
Focusing on alignment with LGPD, we analyzed the main privacy indicators and identified gaps and opportunities for improvement in these controls. As a result, a detailed report that highlights the recommendations to be prioritized is prepared in order to boost its journey towards compliance.

We evaluate the risks associated with process dimensions, people and technology that can result in improper exposure of personal data. This assessment is performed considering the precepts of LGPD and based on solid good data protection practices.
The goal is to allow a broad view of vulnerabilities that can affect privacy, allowing your organization to be prepared to mitigate these risks effectively.

DM11® will conduct a detailed mapping of all processes, systems, and activity sectors that are involved in handling personal data. Additionally, a thorough cataloging and a structured classification of these data is performed, considering its nature, in order to enable the application of appropriate treatments, in accordance with the inherent risks.

After thoroughly mapping the risks involved in personal data protection and privacy management, our approach will focus on formulating a personalized plan for the implementation of strategic information security and cybersecurity actions, in line with the requirements of legislation in search for legal conformity. Thus reinforcing the confidence of the parties involved and the full protection of personal data that your organization deals with.

DM11® customizes assertive training on the application of LGPD that are specially adapted to meet the needs and characteristics of your organization.
These training is available in a directed manner and can consider the various levels within your company, from the person in charge of personal data to, for example, management and employees in general.

In order to identify the necessary corrections, DM11® performs intrusion tests in its environment by applying controlled manner, techniques and tools used by hackers in environments that treat personal data in order to evaluate to what extent a cybercriminal can gain access to data of your company. With this strategy, it is possible to evaluate ways by which potential strikers can penetrate your environment and gain access to sensitive data, thus identifying possible vulnerabilities and disabilities, which will allow your organization to take effective corrective measures and strengthen the safety of your environment .

Through noninvasive techniques and tools, DM11® trackout vulnerabilities of its assets that treat personal data and develops viable recommendations to the risks identified in order to correct vulnerabilities, enabling prioritization of the most critical corrections.
Our strategy focuses on a careful evaluation of the vulnerabilities present in the assets that manipulate personal data.