LogRhythm has adopted Consolidated Compliance Framework (CCF) approach to find common control approaches across various frameworks. This approach has been applied to the GDPR Compliance Automation Suite to help organization streamline compliance objectives. All objects associated with this module follow the ‘CCF: XXX’ naming convention and utilize a restricted view to only allow those appropriate individuals to be able to see GDPR specific content.
New profiles can be created for the Global Administrator, Global Analyst, Restricted Administrator, Restricted Analyst, and Web Service Administrator security roles. The security roles enable the administrator to assign access to specific objects within the Entity to individual users. For example, many Restricted Analysts can be given access to Entity A, but not access to the same Log Sources within Entity A. Restricted Analyst 1 can have access to Log Sources 1, 2, and 3 on Entity A, while Restricted Analyst 2 has access to Log Sources 4, 5, and 6 on Entity A. This allows the organization to limit access to data and compliance content on an as-needed basis according to compliance needs.
This GDPR User Guide contains information about the following components in this module: