Target Data (See also Scoped Data)

Target Data (See also Scoped Data)

Nov 13, 2018

May also be described as “Scoped Data”. Any data elements that are determined to be at risk, such as a client’s company proprietary information, confidential information, or customer information of any privacy data classification, that is stored, transmitted or processed by the service provider; including data identified as being relevant to the risks presented by an outsourced arrangement The controls centered around those data elements identified as being “in scope” are what is evaluated, monitored, and remediated as needed in contracts, assessments, and other risk management processes. Target data can also include any data selected as being in scope by the processor or controller at the scoping of an assessment engagement. The concept of “target data” “client-scoped” data is the narrowing of the scope of any assessment to solely that data that lies within the scope of the product or service being delivered.

Sub Topics