Assets that include PPI/PHI need to be properly documented in Ostendio to efficiently keep track of higher-risk items.
To track this information, create your asset or choose an already created one. Once you have clicked on that asset you will find the Business and Privacy Data configurations in the second section of the asset information.
Privacy Impact
Identifiable Information
For each type of information you are given the the following answers to choose from:
Number of Records:
- 0-500
- 501-5000
- >5000
Encrypted:
- Yes
- No
Encrypt type:
- Full
- Partial
Encrypt detail
- A textbox is provided for you to add any PHI/Encryption Details not already listed.
Business Impact
The Business Impact sections include the following categories:
Recovery:
- Recovery Point Objective (RPO)
- Recovery Decision Objective (RDO)
- Recovery Time Objective (RTO)
Criticality:
- Criticality rating
- Business Impact
- Likelihood of outage
- Financial impact
- Operational impact
- Description
Dependencies
Add the appropriate dependencies to the asset.
Once you have added the dependency, select the dependency type from the drop-down and click Save changes:
Contingency process
- Contingency notes
- Contingency plan
