DFD is to look at your critical business processes, which you should (hopefully) have identified as a part of your business impact analysis. Let’s take wire transfers as an example. It’s important to step through the flow of each process and identify where your customer information is being sent. There are typically numerous ways to initiate a wire transfer, whether it be in person, over the phone, via email or through a business online banking platform. Where does your customer information go after the request is initiated? Through which entity or vendor does it pass? Where does it end up? This line of questioning will lead you to the DFD answers you seek. Start by creating data flow diagram(s) that depict: • The actors involved at different steps in a critical business process, as identified in your business impact analysis (including people, technology and third parties) • Whether or not that actor stores, transmits or processes customer information • The points at which customer information enters or exits the network perimeter • How the information flows between each actor throughout the business process Following this model, your DFD(s) will: • Help you understand where your customer information flows across the perimeter to external parties. Notably absent here are network segment flows; feel free to add those if you’d like, but one could argue they are covered in network diagrams. • Identify to which external party’s customer information (the data set discussed above) is being transmitted • Identify applications, systems and vendors sharing your customer information There you have it! Data flow diagrams need not be difficult. For a sample DFD, see Figure 1. In fact, a good DFD should help your organization have a much better understanding of where your data is actually going once it leaves your network and who is touching it along the way. Be consistent in your approach and ensure it’s well grounded in solid risk assessment data (business impact analysis/IT risk assessment). Colorectal cancer is the third most common cancer among Nebraskans. Early detection saves lives, so doctors recently lowered the recommended screening age from 50 to 45. BCBSNE health benefits cover screenings and preventive treatments at no extra cost. OVER 45? GET SCREENED Visit NebraskaBlue.com to connect with a coach and schedule a screening today. An independent licensee of the Blue Cross and Blue Shield Association. LINCOLN BRUNING endacotttimmer.com 402-817-1000 Legal advice. Community banking experience. 21 Nebraska Banker
RkJQdWJsaXNoZXIy ODQxMjUw