The ADISA ICT Asset Recovery Standard 8.0 helps you (the data controller) and S2S Group (the data processor) manage the asset recovery process to a set standard. Data Impact Assurance Levels (DIAL) puts you in control.
Based on the answers provided, you will be able to receive an overall DIAL Rating. The service S2S Group provide as a data processor will match the rating you have generated and agree with you an ADISA accredited asset recovery plan.
In order to receive a DIAL Rating and risk assessment we ask you the data controller five questions. We call these five questions VICTAR.
VICTAR Stands For:
Volume of Data refers to the volume of data due to be processed. Asset recovery is a physical process and focuses of overall storage capacity. Therefore, we would need to (as a data controller) determine the overall capacity of storage rather than a volume of data.
Impact of a Breach on Your Own Business. As a data controller you need to assess the impact would have on your business. When deciding this impact, take into consideration your business type, the scale of data being processed, your profile and lastly the type of data you wish to be processed.
Categories of Data refers to the categories of data you need processing. These categories align with UK GDPR.
Threat to the Business. You as a data controller need to determine where threats to your data/business are likely to come from. Who is likely to want to gain access to this data? What are the motivating factors behind their actions? Is it financial, intellectual property theft or is it another purpose?
Appetite to Risk refers to the levels of risk that your business is willing to take. Businesses will want to consider the previous risk factors and judge the levels of service required.
S2S is here to assist you through the IT collection process.