The Privacy Engineer's Manifesto : : Getting from Policy to Code to QA to Value.
Saved in:
: | |
---|---|
TeilnehmendeR: | |
Place / Publishing House: | Berkeley, CA : : Apress L. P.,, 2014. ©2014. |
Year of Publication: | 2014 |
Edition: | 1st ed. |
Language: | English |
Online Access: | |
Physical Description: | 1 online resource (386 pages) |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
id |
5006422513 |
---|---|
ctrlnum |
(MiAaPQ)5006422513 (Au-PeEL)EBL6422513 (OCoLC)1231606322 |
collection |
bib_alma |
record_format |
marc |
spelling |
Dennedy, Michelle. The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. 1st ed. Berkeley, CA : Apress L. P., 2014. ©2014. 1 online resource (386 pages) text txt rdacontent computer c rdamedia online resource cr rdacarrier Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process. Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model. Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application. Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words. Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index. Description based on publisher supplied metadata and other sources. Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. Electronic books. Fox, Jonathan. Finneran, Tom. Print version: Dennedy, Michelle The Privacy Engineer's Manifesto Berkeley, CA : Apress L. P.,c2014 9781430263555 ProQuest (Firm) https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422513 Click to View |
language |
English |
format |
eBook |
author |
Dennedy, Michelle. |
spellingShingle |
Dennedy, Michelle. The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process. Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model. Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application. Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words. Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index. |
author_facet |
Dennedy, Michelle. Fox, Jonathan. Finneran, Tom. |
author_variant |
m d md |
author2 |
Fox, Jonathan. Finneran, Tom. |
author2_variant |
j f jf t f tf |
author2_role |
TeilnehmendeR TeilnehmendeR |
author_sort |
Dennedy, Michelle. |
title |
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. |
title_sub |
Getting from Policy to Code to QA to Value. |
title_full |
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. |
title_fullStr |
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. |
title_full_unstemmed |
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. |
title_auth |
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. |
title_new |
The Privacy Engineer's Manifesto : |
title_sort |
the privacy engineer's manifesto : getting from policy to code to qa to value. |
publisher |
Apress L. P., |
publishDate |
2014 |
physical |
1 online resource (386 pages) |
edition |
1st ed. |
contents |
Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process. Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model. Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application. Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words. Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index. |
isbn |
9781430263562 9781430263555 |
callnumber-first |
Q - Science |
callnumber-subject |
QA - Mathematics |
callnumber-label |
QA76 |
callnumber-sort |
QA 276.9 A25 |
genre |
Electronic books. |
genre_facet |
Electronic books. |
url |
https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422513 |
illustrated |
Not Illustrated |
oclc_num |
1231606322 |
work_keys_str_mv |
AT dennedymichelle theprivacyengineersmanifestogettingfrompolicytocodetoqatovalue AT foxjonathan theprivacyengineersmanifestogettingfrompolicytocodetoqatovalue AT finnerantom theprivacyengineersmanifestogettingfrompolicytocodetoqatovalue AT dennedymichelle privacyengineersmanifestogettingfrompolicytocodetoqatovalue AT foxjonathan privacyengineersmanifestogettingfrompolicytocodetoqatovalue AT finnerantom privacyengineersmanifestogettingfrompolicytocodetoqatovalue |
status_str |
n |
ids_txt_mv |
(MiAaPQ)5006422513 (Au-PeEL)EBL6422513 (OCoLC)1231606322 |
carrierType_str_mv |
cr |
is_hierarchy_title |
The Privacy Engineer's Manifesto : Getting from Policy to Code to QA to Value. |
author2_original_writing_str_mv |
noLinkedField noLinkedField |
marc_error |
Info : MARC8 translation shorter than ISO-8859-1, choosing MARC8. --- [ 856 : z ] |
_version_ |
1792331057648893952 |
fullrecord |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>10762nam a22004453i 4500</leader><controlfield tag="001">5006422513</controlfield><controlfield tag="003">MiAaPQ</controlfield><controlfield tag="005">20240229073837.0</controlfield><controlfield tag="006">m o d | </controlfield><controlfield tag="007">cr cnu||||||||</controlfield><controlfield tag="008">240229s2014 xx o ||||0 eng d</controlfield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781430263562</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781430263555</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(MiAaPQ)5006422513</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(Au-PeEL)EBL6422513</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1231606322</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">MiAaPQ</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">MiAaPQ</subfield><subfield code="d">MiAaPQ</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.9.A25</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Dennedy, Michelle.</subfield></datafield><datafield tag="245" ind1="1" ind2="4"><subfield code="a">The Privacy Engineer's Manifesto :</subfield><subfield code="b">Getting from Policy to Code to QA to Value.</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">1st ed.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Berkeley, CA :</subfield><subfield code="b">Apress L. P.,</subfield><subfield code="c">2014.</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">©2014.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (386 pages)</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Intro -- Contents at a Glance -- Contents -- About the Authors -- About the Technical Reviewers -- Acknowledgments -- Foreword, with the Zeal of a Convert -- Part1: Getting Your Head Around Privacy -- Chapter 1: Technology Evolution, People, and Privacy -- The Relationship Between Information Technology Innovation and Privacy -- The Information Age -- The Firewall Stage -- The Net Stage -- The Extranet Stage -- Access Stage -- The Intelligence Stage -- The Dawning of the Personal Information Service Economy -- Data-Centric and Person-Centric Processing -- Conclusion -- Chapter 2: Foundational Concepts and Frameworks -- What Is Privacy? -- Privacy Engineering -- Personal Information -- Privacy -- An Operational Definition of Privacy -- Processing of Personal Information -- Authorized -- Fair and Legitimate -- Fair Information Processing Principles and the OECD Guidelines -- Collection Limitation Principle -- Data Quality Principle -- Purpose Specification Principle -- Use Limitation Principle -- Security Safeguards Principle -- Openness Principle -- Individual Participation Principle -- Accountability Principle -- Other Governance Standards of which to be aware -- Privacy Is Not Confidentiality and Security Is Not Privacy -- Confidentiality ≠ Privacy -- Security ≠ Privacy -- The Overlaps -- The Disconnects -- Conclusion -- Chapter 3: Data and Privacy Governance Concepts -- Data Management: The Management of "Stuff" -- Data Governance -- Benefits of Data Governance -- The Privacy and Data Governance/Stewardship Connection -- Data Privacy Governance Frameworks -- Generally Accepted Privacy Principles (GAPP) -- Impact of Frameworks on the Privacy Engineer -- Frameworks Are Not the Same as Laws -- Privacy by Design -- How Privacy Engineering and Privacy by Design work Together -- Conclusion -- Part2: The Privacy Engineering Process.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Chapter 4: Developing Privacy Policies -- Elements of Privacy Engineering Development -- Privacy Policy Development -- What Is a Good Policy? -- Designing a Privacy Policy -- What Should Be Included in a Privacy Policy? -- General-Level Privacy Policy Development -- Enterprise-Specific Privacy Development -- Internal vs. External Policies -- Policies, Present, and Future -- Conclusion -- Chapter 5: Developing Privacy Engineering Requirements -- Three Example Scenarios -- Example Scenario 1: The Privacy Component -- Example Scenario 2: A Runner's App -- Example Scenario 3: Hospitality Vacation Planner -- Privacy Requirements Engineering -- Privacy Requirements Engineering -- Use Cases: A Tool for Requirements Gathering -- Use Cases within Privacy Engineering -- Privacy Requirements Derived from Privacy Frameworks -- Develop Privacy Requirement Use Cases -- Use Case Metadata -- Use Case Metadata Model -- The Privacy Engineer's Use of Use Case Metadata -- Determining Data Requirements -- How Does the Distribution Channel Impact Privacy Engineering Requirements? -- Cloud Privacy Requirements -- Conclusion -- Chapter 6: A Privacy Engineering Lifecycle Methodology -- Enterprise Architecture -- Architectural Views -- Solution Architecture -- Develop Procedures, Processes, and Mechanisms -- Methodology -- System Engineering Lifecycle -- The Use of Models within the Methodology -- Stage 1: Project Initiation and Scoping Workshop -- Project Initiation Defines Project Processes -- Requirements Definition Within the Scoping Workshop -- Scoping Deliverables -- Stage 2: Develop Use Cases and Class or Data Models -- Develop Business Activity Diagrams -- Using the Business Activity Diagram for Privacy Assessment -- Defining Business and Privacy Data Classes -- Using the Unified Modeling Language Class Model as a Data Model -- Example: Privacy Component Class Model.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Data Modeling Steps -- Stage 3: Design an Engineered Solution -- User Interface Design -- Basic User Interface Design Steps -- Mapping Business Class Objects to System and Technology Objects -- Prototyping Caveats -- User Interface Prototype -- Component Design -- What Is Component Architecture? -- Example: Privacy Component -- Privacy Rules -- Develop a System Activity Diagram -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Privacy Enabling Technologies -- Stage 4: Complete System Development -- Stages 5 and 6: Quality Assurance and Rollout -- Develop and Execute Test Cases -- Testing and Rollout Deliverables -- Knowledge Transfer -- Conclusion -- Chapter 7: The Privacy Component App -- Privacy Component Context Diagram -- Use Case Requirements to Build a "Privacy Component" -- The Privacy Component Class Model -- Developing the Unified Modeling Language Class Model -- Privacy Component User Interface Requirements -- Design the Privacy Component Solution -- The Privacy Component Solution Architecture -- The Privacy Component Class Structure -- Privacy Component System Activity Diagram -- Privacy Assessment Using the System Activity Diagram -- Develop the Privacy Component Design -- Using the System Development Methodology for the Privacy Component -- Conclusion -- Chapter 8: A Runner's Mobile App -- The Runner's Mobile App Use Case -- The Runner's App Class or Data Model -- The Runner's App User Experience Requirements -- Design the App Structure -- The Runner's App System Activity Diagram -- Privacy Assessment Using a System Activity Diagram -- Develop the Runner's App Component Design -- Using the System Development Methodology -- Conclusion -- Chapter 9: Vacation Planner Application -- Requirements Definition -- Use Case Metadata for Hospitality Vacation Planner Enterprise Application.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Develop Business Activity Diagrams -- Business Activity Diagram for Scenario 3: Vacation Planning -- Activity Diagram Used as a Part of Privacy Assessment -- Privacy Component Class and Data Model -- Vacation Planner User Interface Requirements -- Design the Vacation Planner Solution -- The Vacation Planner Solution Architecture -- The Vacation Planner Component Architecture Structure -- Develop System Activity Diagrams -- Dynamic Modeling -- Define Service Components and Supporting Metadata -- Using the System Development Methodology -- Conclusion -- Chapter 10: Privacy Engineering and Quality Assurance -- Quality Assurance -- Using Frameworks to Create a Privacy Quality Assurance Checklist -- Purpose -- Notice -- Choice or Consent -- Transfer -- Access, Correction, or Deletion -- Security -- Minimization -- Proportionality -- Retention -- Act Responsibly -- Privacy Concerns During Quality Assurance -- Vector 1: Managing Privacy During Quality Assurance -- Vector 2: Privacy Impact Assessment: A Validation Tool -- Who Is Usually Involved in a PIA? -- What Should a Privacy Impact Assessment Document Contain? -- Vector 3: The Importance and Value of Privacy Impact Assessment to Key Stakeholders -- Resources for Conducting Privacy Impact Assessments -- Conclusion -- Part3: Organizing for the Privacy Information Age -- Chapter 11: Engineering Your Organization to Be Privacy Ready -- Privacy Responsibilities in Different Parts of the Organization -- Privacy Awareness and Readiness Assessments -- Define Existing Systems and Processes -- Consider the Context -- Skills Assessment -- Building the Operational Plan for Privacy Awareness and Readiness -- Building a Communication and Training Plan for Privacy Awareness and Readiness -- Communicating -- Internal Communications -- External Communication -- A Word About What Are Usually Important, but Boring Words.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Monitoring and Adapting the Strategy -- Conclusion -- Chapter 12: Organizational Design and Alignment -- Organizational Placement and Structure -- Horizontal Privacy Team: Pros -- Horizontal Privacy Teams: Cons -- Common Privacy Engineering Roles -- Challenges of Bringing Privacy Engineering to the Forefront -- Expanding Executive Management Support -- Spreading Awareness and Gaining Cultural Acceptance -- Extending Your Reach with Limited Resources -- Creating Alliances -- Expanding the Scope of Data Governance -- Remaining Productive Amid Competing Priorities and Demands -- Best Practices for Organizational Alignment -- Aligning with Information Technology and Information Security -- Aligning with Data Governance Functions -- Benefits of Data Governance -- Business Benefits of Alignment -- Other Benefits -- Conclusion -- Part4: Where Do We Go from Here? -- Chapter 13: Value and Metrics for Data Assets -- Finding Values for Data -- Valuation Models -- Model 1 -- Model 2 -- Model 3 -- Model 4 -- Model 5 -- Building the Business Case -- Turning Talk into Action -- Conclusion -- Chapter 14: A Vision of the Future: The Privacy Engineer's Manifesto -- Where the Future Doesn't Need Us -- Even Social Networks (and Their Leaders) Get Cranky When Their Privacy Is Compromised -- Let's Remember How We Got Here -- Privacy Is Not a One-Size-Fits-All Formula -- Innovation and Privacy -- Societal Pressures and Privacy -- It Still Comes Down to Trust and Value -- A New Building Code for Privacy -- Getting Started -- A Privacy Engineer's Manifesto -- Conclusion -- Appendix A: Use-Case Metadata -- Example Use-Case Format -- Appendix B: Meet the Contributors -- Index.</subfield></datafield><datafield tag="588" ind1=" " ind2=" "><subfield code="a">Description based on publisher supplied metadata and other sources.</subfield></datafield><datafield tag="590" ind1=" " ind2=" "><subfield code="a">Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2024. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries. </subfield></datafield><datafield tag="655" ind1=" " ind2="4"><subfield code="a">Electronic books.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Fox, Jonathan.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Finneran, Tom.</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Dennedy, Michelle</subfield><subfield code="t">The Privacy Engineer's Manifesto</subfield><subfield code="d">Berkeley, CA : Apress L. P.,c2014</subfield><subfield code="z">9781430263555</subfield></datafield><datafield tag="797" ind1="2" ind2=" "><subfield code="a">ProQuest (Firm)</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://ebookcentral.proquest.com/lib/oeawat/detail.action?docID=6422513</subfield><subfield code="z">Click to View</subfield></datafield></record></collection> |