Data Audit Workflow

Auditing your unstructured data and applying information governance best practices takes place in three stages.

  • Analyze: Know what data needs protecting, where it is located, and who has access to it.
  • Remediate: Move data to safe locations, delete what is redundant or obsolete, and control access.
  • Monitor: Be proactive. Automatically detect and remediate sensitive data to keep it—and your organization—safe.

1. Analyze

  • Define policies. What are your policies for where certain data types should reside, and for how long? Who should have access? Gather key data stakeholders to define your Information Governance policies.
  • To assist with this, you can generate a heat map showing where data currently resides and the access rights, enabling an initial cleanup—see Analyze Administration Guide.
  • Classify data. Much of the sensitive data that needs to be protected—and that could pose a risk to your organization—consists of PCI, PHI, and PII.
  • REMEDIATE uses Machine Learning to classify data that matches definitions for these types and assigns a classification score.
  • Search for sensitive data. The Audit Manager creates an audit to search messages, attachments, files, and associated metadata across a variety of online and offline repositories. Assign Auditors to collaborate on searches—see About Searching.
  • Review and report. Audit Managers, Auditors, and any assigned Reviewers then comb through the documents and tag them appropriately. Generate audit reports to send to other decision-makers prior to taking remediation action—see About Reviewing Documents.

2. Remediate

  • Take compliance action. You can quarantine sensitive data until you decide what to do with it. This removes the data user inboxes and document repositories. From the quarantine, you can delete items, restore them to mailboxes, or move them to more appropriate locations.

3. Monitor

  • Classify data automatically. Set up Classification tasks to run on a schedule that works for your organization, tagging data PCI, PHI, or PII the minute it enters your network.
  • Perform compliance automatically. Set up Compliance tasks to automatically quarantine, delete, or move data that meets the criteria you set.
  • Configure alerts. Receive email reports detailing new sensitive data your automated compliance tasks have found. You can log in to REMEDIATE to take immediate action on any threats.
  • Control access rights automatically. You can use ENFORCE to automatically control access rights—see Enforce Administration Guide.
  • Conduct Supervision. Organizations subject to FINRA and SEC reporting requirements can perform randomly sampled spot checks on their data for compliance, as well as prepare reports to send to the respective regulatory bodies.