Data breach assessment using RadarFirstData breach assessment Privacy breach assessments play an important role whenever there is an incident that threatens the privacy of individuals. These assessments help to determine if there is a breach and then serve as a measure to gauge the extent and impact of a breach. The different assessment metrics that are required to assess the breach are mentioned below: Breach factors The factors contributing to the vulnerability of personal data. The breach factors like category(desktop, server, network), the nature of the incident, the risk mitigation description are collected to assess the incident. Data elements It refers to the specific types of personal or sensitive information that may have been compromised or exposed during a data breach. Jurisdictions The areas that the personal data are exposed, the number of individuals impacted in each jurisdiction. Frequently asked questions All the breach factors/data elements are not displayed The breach factors or data elements can be mapped based on regions. The PI Artifacts are created on the regions and so the data elements and breach factors mapped to all regions and the ones which are mapped to PI Artifact region will be displayed. Data elements are not reflected while saving the form. Data elements will be saved on the breach assessment form when we click on the "Update". One needs to click on the update button on the Data elements tab to save this. What are the jurisdictions that are displayed while undergoing the assessment? The PI Artifact will be created with the specific region and the level 1 and level 2 of the locations that are mapped to this region can be selected as jurisdictions while adding the impacted individuals for each jurisdiction. RadarFirst Assessment RadarFirst Assessment results are not displayed? During the radarfirst analysis, three APIs are fired with RadarFirst. They are: Creation of RadarFirst incident.Analysis of RadarFirst Incident.Getting the assessment results from RadarFirst. There are different scenarios where the RadarFirst Analysis can fail in any of the above API calls. Name should be less than 100 characters while creating the RadarFirst Incident. The breach assessment name is used to create the RadarFirst incident. Mapping of ServiceNow breach factors/data elements/jurisdictions needs to be done with RadarFirst. As OOTB functionality we will auto map the pre-shipped breach factors and data elements when the jursidictions are mapped correctly. If a new breach factor or a new data element is created at ServiceNow, one needs to map these newly created objects to RadarFirst data. If these newly created objects are selected in assessment if no mapping is added, analysis cannot be performed. All the error messages from RadarFirst will be displayed in our widget. If more information is required for an error message here: https://app.radarfirst.com/ If the RadarFirst has a planned maintenance, we get 5XX errors from RadarFirst and they will be displayed in the widget.