Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
First Claim
1. A computer-implemented data processing method of identifying and responding to one or more potential risk triggers based on a data model, the method comprising:
- identifying, by at least one processor, one or more potential risk triggers for an entity;
assessing and analyzing, by the at least one processor, the one or more potential risk triggers to determine a relevance of a risk posed to the entity by the one or more potential risk triggers, wherein determining the relevance of the risk posed to the entity comprises;
identifying one or more similarly situated entities, the one or more similarly situated entities being situated similarly to the entity,comparing, the one or more potential risk triggers to one or more previous risk triggers experienced by the one or more similarly situated entities,identifying one or more similar risk triggers from the one or more previous risk triggers, the one or more similar risk triggers being similar to the one or more potential risk triggers,analyzing the one or more similar risk triggers to determine a relevance, determined by the one or more similarly situated entities, of the one or more similar risk triggers, anddetermining the relevance of the risk posed by the one or more potential risk triggers based at least in part on the determined relevance of the one or more similar risk triggers determined by the one or more similarly situated entities;
identifying, by the at least one processor using one or more data modeling techniques, one or more data assets, associated with the entity, that may be affected by the risk, wherein identifying the one or more data assets that may be affected by the risk comprises;
scanning a respective digital inventory for each of the one or more data assets, each respective digital inventory comprising one or more inventory attributes, andanalyzing each respective digital inventory to determine one or more inventory attributes that may be affected by the risk;
determining, by the at least one processor, based at least in part on the one or more identified data assets and the relevance of the risk posed to the entity by the one or more potential risk triggers, whether to take one or more actions in response to the one or more potential risk triggers; and
in response to determining to take the one or more actions, taking, by the at least one processor, the one or more actions to remediate the risk.
2 Assignments
0 Petitions
Accused Products
Abstract
In various embodiments, a system may be configured to substantially automatically determine whether to take one or more actions in response to one or more identified risk triggers (e.g., data breaches, regulation change, etc.). The system may, for example: (1) compare the potential risk trigger to one or more previous risks triggers experienced by the particular entity at a previous time; (2) identify a similar previous risk trigger (e.g., one or more previous risk triggers related to a similar change in regulation, breach of data, type of issue identified, etc.); (3) determine the relevance of the current risk trigger based at least in part on a determined relevance of the previous risk trigger; and (4) determine whether to take one or more actions to the current risk trigger based at least in part on one or more determined actions to take in response to the previous, similar risk trigger.
345 Citations
16 Claims
-
1. A computer-implemented data processing method of identifying and responding to one or more potential risk triggers based on a data model, the method comprising:
-
identifying, by at least one processor, one or more potential risk triggers for an entity; assessing and analyzing, by the at least one processor, the one or more potential risk triggers to determine a relevance of a risk posed to the entity by the one or more potential risk triggers, wherein determining the relevance of the risk posed to the entity comprises; identifying one or more similarly situated entities, the one or more similarly situated entities being situated similarly to the entity, comparing, the one or more potential risk triggers to one or more previous risk triggers experienced by the one or more similarly situated entities, identifying one or more similar risk triggers from the one or more previous risk triggers, the one or more similar risk triggers being similar to the one or more potential risk triggers, analyzing the one or more similar risk triggers to determine a relevance, determined by the one or more similarly situated entities, of the one or more similar risk triggers, and determining the relevance of the risk posed by the one or more potential risk triggers based at least in part on the determined relevance of the one or more similar risk triggers determined by the one or more similarly situated entities; identifying, by the at least one processor using one or more data modeling techniques, one or more data assets, associated with the entity, that may be affected by the risk, wherein identifying the one or more data assets that may be affected by the risk comprises; scanning a respective digital inventory for each of the one or more data assets, each respective digital inventory comprising one or more inventory attributes, and analyzing each respective digital inventory to determine one or more inventory attributes that may be affected by the risk; determining, by the at least one processor, based at least in part on the one or more identified data assets and the relevance of the risk posed to the entity by the one or more potential risk triggers, whether to take one or more actions in response to the one or more potential risk triggers; and in response to determining to take the one or more actions, taking, by the at least one processor, the one or more actions to remediate the risk. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer-implemented data processing method for updating risk remediation data of a data model, the method comprising:
-
accessing, by at least one processor, risk remediation data for an entity that has identified one or more suitable actions to remediate a risk in response to identifying one or more data assets of the entity that may be affected by one or more potential risk triggers; receiving, by the at least one processor, an indication of an update to the one or more data assets; identifying, by the at least one processor, one or more potential new risk triggers for an entity that have arisen due to the update of the one or more data assets; assessing and analyzing, by the at least one processor, the one or more potential new risk triggers to determine a relevance of a risk posed to the entity by the one or more potential new risk triggers, wherein assessing and analyzing the one or more potential new risk triggers to determine the relevance of the risk posed to the entity comprises; identifying one or more similarly situated entities, the one or more similarly situated entities being situated similarly to the entity, comparing the one or more potential risk triggers to one or more previous risk triggers experienced by the one or more similarly situated entities, identifying one or more similar risk triggers from the one or more previous risk triggers, the one or more similar risk triggers being similar to the one or more potential new risk triggers, analyzing the one or more similar risk triggers to determine a relevance of the one or more similar risk triggers experienced by the one or more similarly situated entities, and determining the relevance of the risk posed by the one or more potential risk triggers based at least in part on a determined relevance of the one or more similar risk triggers that has been determined by the one or more similarly situated entities; identifying, by the at least one processor using one or more data modeling techniques, one or more data assets associated with the entity that may be affected by the risk, wherein identifying the one or more data assets that may be affected by the risk comprises; scanning a respective digital inventory for each of the one or more data assets, each respective digital inventory comprising one or more inventory attributes, and analyzing each respective digital inventory to determine one or more inventory attributes that may be affected by the risk; updating, by the at least one processor, the risk remediation data to include the one or more actions to remediate the risk in response to identifying the one or more potential updated risk triggers; determining, by the at least one processor, based at least in part on the one or more identified data assets and the relevance of the risk, whether to take the one or more actions in response to the one or more potential updated risk triggers; and taking, by the at least one processor, the one or more actions to remediate the risk in response to identifying the one or more potential risk triggers. - View Dependent Claims (13, 14, 15, 16)
-
Specification