As the case for big companies to fund a data privacy team becomes more certain, these teams are looking at ways to make the most of the money they are given.
And, understandably, one of the first steps is to set some goals and work out how to measure progress towards them. Once data privacy teams have decided on what metrics they want to use and how to measure success (see this post for more), they need to understand how to make sense of the information they gather.
After all, a metrics dashboard can have the most relevant information in the world, but if nobody knows how to analyze the information, what to report and communicate, or how to improve performance, the whole exercise is pointless.
Chart 1 outlines four steps to follow, including activities, the participants to involve, and time estimates for each. Data privacy teams should make sure they allow enough time for making use of any data they’ve collected, as the whole process can take as long as nine weeks.
Chart 1: Making use of data privacy metrics Source: CEB analysis
Following these steps allows the chief privacy officer and stakeholders to determine what, if any, actions to take based on the results. These actions may include anything from making new decisions about corporate strategy or corporate operations, or restructuring the metrics program.