Roles and Responisbilies Cheat Sheet

1. Board of Directors
2. 1- Approve an enterprise’s privacy policy
3. 2- Final accountability for all matters including privacy
4.  
5. Privacy Steering Committee
6. 1- Developing a privacy management plan
7. 2- The design and implementation strategy of the privacy management program
8. 3- Ensuring through monitoring and review, that good privacy practices are applied effectively and consistently throughout the enterprise
9. 4- Enterprise privacy management decisions in support of strategic decisions of the enterprise risk management
10. 5- Developing and maintaining the privacy framework and related privacy policies
11. 6- Review and approval of the privacy management policies and procedures
12.  
13. Enterprise Risk Management Committee
14. 1- Establishing Privacy risk and harm tolerance levels
15.  
16. CPO
17. 1- Development of privacy management policies and procedures
18. 2- Responsible for implementing and maintaining the privacy management program and associated strategies
19. 3- Developing a procedure to initially identify and then maintain an up-to-date personal information inventory throughout the enterprise
20. 4- Overall responsibility of the enterprise privacy management program
21. 5- Identification and communication of privacy threats, privacy harms, desirable behaviors, and changes needed to mitigate the threats and harms
22.  
23. Chief Risk Officer
24. 1- Provide specialist input when relevant and can be asked to join the ERM committee on occasion or as a permanent member
25. 2- Implementing policies and procedures to minimize and manage operational risk
26.  
27. Chief Information Security Officer
28. 1- Implementing policies and procedures for all aspects related ti information pertaining to the enterprise
29.  
30. Business Manager
31. 1- Responsible for developing, maintaining, guiding, and allocating resources to attain the overall organizational goal
32. 2- Ensuring that privacy is appropriately addressed and mitigated by those for whom they’re responsible according to enterprise privacy policies and procedures
33. 3- Accountable for Following the privacy policies, procedures, and standards
34.  
35. Privacy Manager
36. 1- Develop, implement, and enforces policies and procedure and reports to the CPO
37. 2- Responsible for the management of the enterprisewide privacy management effort and activity
38. 3- Management of specifically assigned scopes of privacy program management activities and supporting efforts
39. 4- overall daily decision-making authority over privacy management domain practices
40.  
41. Compliance Manager
42. 1- Ensure the business is conducted in accordance with legal and ethical frameworks pertaining to the enterprise
43.  
44. Data Controller
45. 1- Ensure compliance with privacy policies
46.  
47. Data Processor
48. 1- Responsible for Following privacy policies and procedures
49.