mBank has been a synonym for innovative solutions in banking for years. It was the first fully internet-based bank in Poland, and today it sets the direction for the development of mobile and online banking. It is one of the strongest and fastest-growing financial brands in Poland, listed on the Warsaw Stock Exchange since 1992. It created the world’s most innovative electronic banking platform, recognized with prestigious international awards. We are one of the strongest and fastest-growing financial brands in Poland.
Facts and data
Full name
mBank
Industry
Banking
Products
- Retail banking,
- Investment banking,
- Solutions for entrepreneurs,
- Private banking services
What did the client expect?
mBank was looking for an experienced consulting firm to provide expert support in the area of personal data. The cooperation was to include expert consultations and the development of a methodology for automatically calculating the risk level of data protection impacts in personal data processing processes.
What did we do?
WE CONDUCTED ANALYSES
To propose the best methodologies, we analyzed mBank’s documents such as security policies and the personal data processing regulations to check their compliance with the EU General Data Protection Regulation 2016/679 and the ISO/IEC 29134 standard.
WE ANALYZED DATA IN THE RALPH APPLICATION
We analyzed the data collected in the bank’s IT GRC application (Ralph), including data related to personal data processing processes, “Privacy by Default” and “Privacy Impact Assessment” analyses, as well as organizational and infrastructure risk assessments. We evaluated the security classifications of IT products.
WE DEVELOPED METHODOLOGIES
We prepared methodologies for calculating the risk level of data protection impacts in personal data processing processes in Ralph.
WE DELIVERED THE REPORT
Finally, we provided a comprehensive and transparent report summarizing our work and describing the developed methodologies.
What were the results?
The result of the collaboration between mBank and PBSG was the development of at least two projects for automatically calculating the risk level of data protection impacts in personal data processing processes. This task was completed exemplary.
To develop the required methodologies, we analyzed key documents, as well as data and analysis results gathered in the bank’s Ralph application. We also assessed the processes executing the key service, along with the supporting IT products and services, solely to the extent necessary for the development of the risk analysis methodology project and under the supervision of an authorized employee. As a result, mBank could be confident that the prepared methodologies fully reflected the organization’s needs and were aligned with the specifics of its operations.
What did the client gain?
Ready methodologies for automatically calculating the risk level of data protection impacts in personal data processing processes.
Methodologies tailored to the organization’s specifics.
Increased awareness and knowledge of employees in the field of personal data protection.
