Failure to manage privacy risks can have a significant negative impact on an organization. This tool provides questions to consider when evaluating risks related to privacy/data protection and accumulated privacy standards.

Sample questions include: Does the organization operate in any areas of the world where it is required to comply with privacy laws and regulations protecting the rights of the citizens in those jurisdictions? Does the organization have privacy and data protection risk management processes in place? Has the organization created a chief product officer (CPO) position and provided resources?