PII Audit Using CA TDM Portal

The different persona-based flow for PII Audit is as follows:
tdm46
HID_data_discovery_and_profiling
PII Audit provides a reliable solution to identify any Personally Identifiable Information (PII) data across multiple data sources in an environment. Once you have identified the PII data, you can make business decisions to secure, encrypt, archive, or delete the PII data. Compliance and adherence to regulations is a critical business requirement to help prevent data breaches and their consequences.
The different persona-based flow for PII Audit is as follows:
Data Profiling role-based scenario
Data Profiling role based scenario
A Test Data Engineer (TDE) performs PII data scan as follows:
  1. Log in to CA TDM Portal.
  2. Create Classifier Packs and import Classifiers into CA TDM Portal. For more information about creating and importing Classifiers, see Manage Data Classifiers.
  3. Select one or more Connection Profiles or an Environment.
    For more information about how to create a connection profile, see Create and edit Connection Profiles.
    For more information about how to create an environment, see Create an Environment.
  4. Select the appropriate Classifier Packs.
  5. Select the PII data scan level.
  6. Select Matched Samples option if you want to view matched samples for each column in a table.
  7. Include or exclude specific tables from the PII data scan.
  8. Perform a scan for PII data.
  9. Review scan results in the Heat Map to identify the potential risk from PII data that exists within the selected Environment.
  10. Review the results that are found for each scanned table, adjust the tags as required, and confirm the table.
  11. Confirm that all tables are reviewed. Preview the draft report and submit it for an Internal Data Controller to review and sign off.
    At any stage in the PII data scan process, you can go back to the initial scan configuration step and you can modify the scanning rules to perform a re-scan.
An Internal Data Controller reviews the findings as follows:
  1. Receive an email invitation to review the report.
  2. Log in to CA TDM Portal.
  3. Review the report and sign off.
    You can either sign off or reject the report. If you reject the PII Audit Report, it appears on the Ready for Review page with the "Sign Off Rejected" status. A TDE can make necessary changes for the scan report and can submit it again for Sign-Off.
  4. Download the signed-off reports as a PDF, with Executive Summary, Job Summary, and Audit Reports.
A Management user and an external auditor request an Audit Report from the TDE. An Internal Auditor logs in to CA TDM Portal to access the final signed-off report.
This section contains the following procedures:
API Reference material: