PR-P: Protect-P
Description
Develop and implement appropriate data processing safeguards.
The Protect-P Function covers data protection to prevent cybersecurity-related privacy events,the overlap between privacy and cybersecurity risk management.
Framework Categories
PR.PO-P: Data Protection Policies, Processes, And Procedures
Security and privacy policies (e.g., purpose, scope, roles and responsibilities in the data processing ecosystem, and management commitment), processes, and procedures are maintained and used to manage the protection of data.
PR.AC-P: Identity Management, Authentication, And Access Control
Access to data and devices is limited to authorized individuals, processes, and devices, and is managed consistent with the assessed risk of unauthorized access.
PR.DS-P: Data Security
Data are managed consistent with the organization’s risk strategy to protect individuals’ privacy and maintain data confidentiality, integrity, and availability.
PR.MA-P: Maintenance
System maintenance and repairs are performed consistent with policies, processes, and procedures.
PR.PT-P: Protective Technology
Technical security solutions are managed to ensure the security and resilience of systems/products/services and associated data, consistent with related policies, processes, procedures, and agreements.