The client is a leading American company which provides risk management and asset protection software and services to the automotive industry. They were facing challenges in identifying and implementing reasonable security controls to develop an IT product in compliance with California Consumer Privacy Act (CCPA).
Infosys helped by conducting CCPA assessment for the application platform to determine the requisite reasonable security controls are in place that enable compliance with CCPA.
Key Challenges
The following were not compliant to CCPA:
- Privacy controls for handling personal information
- Reasonable security controls for personal information processing
- Privacy by design and secure code development practices for application development
The Solution
Conducted CCPA assessment to identify security gaps
- Checklist developed for reasonable security controls to enable compliance with CCPA
- Policies and procedural documents reviewed for client’s application platform
- Workshops conducted with the application owner and centralized IT team
- Gap assessment report provided to the client
Benefits
Built an effective roadmap in compliance with CCPA
Gaps identified with reference to Open Web Application Security Project (OWASP) standards to ensure implementation of reasonable security controls
Roadmap defined to comply with CCPA
Application security audit procedure provided to demonstrate compliance with CCPA on a regular basis
