Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for integrating third party computing system functionality into a first party computing system by providing a risk management and mitigation computing system configured to analyze a risk of integrating the functionality provided by the third party computing system and facilitating implementation of one or more data-related controls that include performing computer-specific operations to mitigate and/or eliminate the identified risks. For example, the risk management and mitigation computing system can access risk data in tenant computing systems to determine a risk score related to the integration of the third party computing system functionality based on risks determined during prior integrations of the third party computing system functionality by other tenant computing systems.

Abstract: Various embodiments provide methods, apparatus, systems, computing devices, computing entities, and/or the like for identifying targeted data for a data subject across a plurality of data objects in a data source. In accordance with one embodiment, a method is provided comprising: receiving a request to identify targeted data for a data subject; identifying a first data object using metadata for a data source that identifies the first data object as associated with a first targeted data type for a data portion from the request; identifying a first data field from a graph data structure of the first data object that identifies the first data field as used for storing data having the first targeted data type; and querying the first data object based on the first data field and the data for the first targeted data type to identify a first targeted data portion for the data subject.

Abstract: Various embodiments provide methods, apparatus, systems, computing devices, computing entities, and/or the like for identifying targeted data for a data subject across a plurality of data objects in a data source. In accordance with one embodiment, a method is provided comprising: receiving a request to identify targeted data for a data subject; identifying a first data object using metadata for a data source that identifies the first data object as associated with a first targeted data type for a data portion from the request; identifying a first data field from a graph data structure of the first data object that identifies the first data field as used for storing data having the first targeted data type; and querying the first data object based on the first data field and the data for the first targeted data type to identify a first targeted data portion for the data subject.

Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for generating and managing custom workflows for domain objects defined within microservices. In accordance with various aspects, a method is that comprises: receiving an attribute value for a custom workflow to include in a microservice that corresponds to an attribute defined for a workflow component; accessing mapping data for an attribute; identifying, based on the mapping data, a corresponding field of a workflows table mapped to the attribute; storing a record in the workflows table for the custom workflow with the attribute value stored in the corresponding field for the record to persist the custom workflow in the microservice.

Abstract: A method, in various aspects, comprises: (1) receiving a query from a first party computing system related to integrating third party computing functionality into the first party computing system; (2) identifying a set of third party entities that provide the third party computing functionality; (3) accessing integration data; (4) identifying a set of reference entities, the set of reference entities including, for each respective third party entity, a respective reference entity that has previously integrated the third party computing into a respective reference entity computing system associated with the respective reference entity; (5) determining second integration data with respect to the set of reference entities integrating the third party computing functionality; (6) generating, based on the first integration data and the second integration data, data responsive to the query that is specific to the first party computing system; and (7) taking an action with respect to the data.

Abstract: In general, various aspects provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for performing data discovery on a target computing system. In various aspects, a third party computing connects, via a public data network, to an edge node of the target computing system and instructs the target computing system to execute jobs to discover target data stored in data repositories in a private data network in the target computing system. In some aspects, the third party computing system may schedule the jobs on the target computing system based on computing resource availability on the target computing system.

Abstract: In general, various aspects provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for performing data discovery on a target computing system. In various aspects, a third party computing connects, via a public data network, to an edge node of the target computing system and instructs the target computing system to execute jobs to discover target data stored in data repositories in a private data network in the target computing system. In some aspects, the third party computing system may schedule the jobs on the target computing system based on computing resource availability on the target computing system.

Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for integrating third party computing system functionality into a first party computing system by providing a risk management and mitigation computing system configured to analyze a risk of integrating the functionality provided by the third party computing system and facilitating implementation of one or more data-related controls that include performing computer-specific operations to mitigate and/or eliminate the identified risks. For example, the risk management and mitigation computing system can access risk data in tenant computing systems to determine a risk score related to the integration of the third party computing system functionality based on risks determined during prior integrations of the third party computing system functionality by other tenant computing systems.

Abstract: A system includes persistent storage containing an archive, a first interface to a messaging system that includes a plurality of channels, a second interface to a machine learning system that includes a query detection model and a reply detection model, and a processor configured to perform operations including receiving, from the message system, messages that appeared in a particular channel of the plurality of channels. The operations also include providing, to the machine learning system, the messages, where reception of the messages causes the query detection model to detect a query within the messages and the reply detection model to detect, within the messages, replies to the query. The operations further include receiving, from the machine learning system, the query and the replies, and storing, in the archive, the query, the replies, and an indication that the replies relate to the query.

Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for generating and managing custom attributes and corresponding values for domain objects defined within microservices. In accordance with various aspects, a method is provided that comprises: receiving a custom attribute request for a domain object defined in a microservice that comprises a domain object identifier, a custom attribute to add to the domain object, and a value type for the custom attribute; identifying, based on the domain object identifier and the value type, a custom value table for the domain object that comprises placeholder fields; identifying a placeholder field that is available in the custom value table; and storing a record in the attribute schema table for the domain object and the custom attribute comprising mapping data that maps the custom attribute to the placeholder field for the custom value table.

Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for generating and managing custom workflows for domain objects defined within microservices. In accordance with various aspects, a method is that comprises: receiving an attribute value for a custom workflow to include in a microservice that corresponds to an attribute defined for a workflow component; accessing mapping data for an attribute; identifying, based on the mapping data, a corresponding field of a workflows table mapped to the attribute; storing a record in the workflows table for the custom workflow with the attribute value stored in the corresponding field for the record to persist the custom workflow in the microservice.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for integrating third party computing system functionality into a first party computing system by providing a risk management and mitigation computing system configured to analyze a risk of integrating the functionality provided by the third party computing system and facilitating implementation of one or more data-related controls that include performing computer-specific operations to mitigate and/or eliminate the identified risks. For example, the risk management and mitigation computing system can access risk data in tenant computing systems to determine a risk score related to the integration of the third party computing system functionality based on risks determined during prior integrations of the third party computing system functionality by other tenant computing systems.

Abstract: In general, various aspects of the present invention provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for generating and managing custom attributes and corresponding values for domain objects defined within microservices. In accordance with various aspects, a method is provided that comprises: receiving a custom attribute request for a domain object defined in a microservice that comprises a domain object identifier, a custom attribute to add to the domain object, and a value type for the custom attribute; identifying, based on the domain object identifier and the value type, a custom value table for the domain object that comprises placeholder fields; identifying a placeholder field that is available in the custom value table; and storing a record in the attribute schema table for the domain object and the custom attribute comprising mapping data that maps the custom attribute to the placeholder field for the custom value table.

Abstract: In general, various aspects provide methods, apparatuses, systems, computing devices, computing entities, and/or the like for performing data discovery on a target computing system. In various aspects, a third party computing connects, via a public data network, to an edge node of the target computing system and instructs the target computing system to execute jobs to discover target data stored in data repositories in a private data network in the target computing system. In some aspects, the third party computing system may schedule the jobs on the target computing system based on computing resource availability on the target computing system.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: Data processing systems and methods, according to various embodiments, are adapted for automatically assessing the level of security and/or privacy risk associated with doing business with a particular vendor or other entity and for generating training material for such vendors. In various embodiments, the systems may automatically obtain and use any suitable information to assess such risk levels including, for example: (1) any security and/or privacy certifications held by the vendor; (2) the terms of one or more contracts between a particular entity and the vendor; (3) the results of one or more privacy impact assessments for the vendor; and/or (4) any other suitable data. The system may be configured to automatically approve or reject a particular vendor based on the assessed risk level associated with the vendor and this information may be automatically communicated to an entity considering doing business with the vendor and/or the vendor itself.

Abstract: Various embodiments provide methods, apparatus, systems, computing devices, computing entities, and/or the like for identifying targeted data for a data subject across a plurality of data objects in a data source. In accordance with one embodiment, a method is provided comprising: receiving a request to identify targeted data for a data subject; identifying a first data object using metadata for a data source that identifies the first data object as associated with a first targeted data type for a data portion from the request; identifying a first data field from a graph data structure of the first data object that identifies the first data field as used for storing data having the first targeted data type; and querying the first data object based on the first data field and the data for the first targeted data type to identify a first targeted data portion for the data subject.