Unlock & harness the power of your information
with Information Fitness®
Zones
(Global IT Services across 100+ countries, ~$2B revenue, ~2000+ employees)
The Challenge
Zones approached Ringfence due to increasing levels of assurance being sought around data protection by their Customers, including renewals for existing, significant Customers generating multi-$M revenues annually for Zones.
Ringfence was asked to design and implement an International Data Protection & Privacy framework for Zones to provide stronger foundations for this globally.
Ringfence's Solution
Using Ringfence’s Information Governance pack as the underlying foundation, Ringfence worked with Zones' CPO, CISO and Information Security & Compliance team to “internationalise” this to meet Zones' global requirements across multiple jurisdictions.
Data Flows documents were then created, focused initially on Zones' processing of EU/UK sourced personal data/PII for Customers and Employees, to ensure that these were fully understood and being carried out safely and legally, with improvements needed being discussed and agreed with the relevant Zones managers.
Ringfence was also requested to ensure that Zones' International Data Protection & Privacy framework fully supported and was aligned to the latest ISO/IEC 27701 (Privacy) and ISO/IEC (Information Security) international standards as part of Zones upgrading these. This was achieved working with Zones' global Information Security & Compliance team to re-build from the ground up the necessary process changes and documentation and provide support for their wider Zones rollout.
Ringfence also provided Zones with Data Protection as a Service expertise as and when required, including specific Data Subject requests & helping Zones to achieve EU-U.S. Data Privacy Framework (DPF) self-certification.
Key Outcomes
International Data Protection & Privacy framework fully established, initially populated to reflect Zones' processing of EU/UK sourced personal data/PII.
Fully aligned with ISO/IEC 27701 (Privacy) and ISO/IEC 27001 (Information Security) international standards, supporting Zones' successful and on-going re-certification.
Better awareness and embedding of privacy fundamentals & key controls across Zones globally through training, comms, policy/process & governance improvements.
Easier and quicker provision of credible, detailed assurance to Zones' Customers, particularly across the UK & EU, as part of commercial bids, tenders and renewals.