{"id":5254,"date":"2024-09-26T06:05:00","date_gmt":"2024-09-26T12:05:00","guid":{"rendered":"https:\/\/trustarc.com\/?post_type=resource&#038;p=5254"},"modified":"2025-09-24T08:57:06","modified_gmt":"2025-09-24T13:57:06","slug":"building-data-inventory-mapping-ropa","status":"publish","type":"resource","link":"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/","title":{"rendered":"Building a Data Inventory, Mapping, and Records of Processing Activities (ROPA)"},"content":{"rendered":"\t\t<section id=\"block_d6fcd08e87de9c57313787a7c772bf8a\" class=\"resource-intro intro-simple\">\n\t\t\t<div class=\"container\">\n\t\t\t\t\t\t\t\t\t<strong class=\"sub-title block uppercase\">article<\/strong>\n\t\t\t\t\t\t\t\t\t\t<h1>Building a Data Inventory, Mapping, and Records of Processing Activities (ROPA)<\/h1>\n\t\t\t\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\n\n\t<section id=\"block_06e2a54f8cacc4decf8146c9f893b293\" class=\"columns-content\">\n\t\t<div class=\"container\">\n\t\t\t<div class=\"left\">\n\t\t\t\t\t\t<div class=\"person-wrap\">\n\t\t\t<a href=\"https:\/\/trustarc.com\/people\/paul-iagnocco\/\">\t\t\t\t\t\t\t<div class=\"img-holder\">\n\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"110\" height=\"110\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/03\/people-paul-iagnocco.png\" class=\"attachment-full size-full wp-post-image\" alt=\"\" \/>\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<div class=\"text-holder\">\n\t\t\t\t\t\t\t\t\t\t\t<strong class=\"block name\">Paul Iagnocco<\/strong>\n\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"block position\">Head, Customer Enablement &amp; Principal, Data Privacy, TrustArc<\/span>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t<\/a>\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t<div class=\"middle\">\n\t\t\t\t<div class=\"content\">\n\t\t\t\t\t<h2>Privacy PowerUp Series #3<\/h2>\n<p>Remember playing hide-and-seek as a kid? <a href=\"https:\/\/youtu.be\/MdnwQ33yTBg\" target=\"_blank\" rel=\"noopener\">Building a data inventory<\/a> is the adult version of that game. Think of the person hiding as an employee or perhaps yourself trying to locate all the hidden data within your organization.<\/p>\n<p>It might not be as much fun, but the goal is crucial\u2014finding all the personal data that your organization is processing. This includes what personal data your organization collects, uses, publishes, modifies, views, accesses, shares, stores, and, in some cases, sells.<\/p>\n<h2>Why create a data inventory?<\/h2>\n<p>Creating a data inventory has several benefits, including:<\/p>\n<p><strong>Identify data flows:<\/strong> Understand the personal data inflowing and outflowing from your organization.<\/p>\n<p><strong>Classify data:<\/strong> Determine the type, classification, and sensitivity of personal data being processed.<\/p>\n<p><strong>Assess risks:<\/strong> Provide critical data for your IT or InfoSec team to assess risks associated with the processing and potential exposure of these data.<\/p>\n<p><strong>Implement controls:<\/strong> Allow your IT and InfoSec teams to implement necessary measures to secure and protect these data throughout their lifecycle.<\/p>\n<p><strong>Ensure compliance:<\/strong> Comply with privacy laws or regulations such as <a href=\"\/resource\/gdpr-article-30-compliance\/\">EU GDPR Article 30<\/a> or <a href=\"\/regulations\/ccpa-cpra\/\">CCPA<\/a> Section 1798.130.<\/p>\n<p>Not all regulations require a data inventory, but understanding the types of personal data within your organization necessitates some form of it. Think of it as ensuring no one is left hiding in the game of compliance.<\/p>\n<h2>Building a data inventory<\/h2>\n<p>Here are the four steps to building a comprehensive data inventory:<\/p>\n<h3>Step 1: Stop and plan<\/h3>\n<p>Before jumping into data collection, take a moment to plan:<\/p>\n<ul>\n<li><strong>Define goals:<\/strong> Are you addressing data privacy needs or broader IT\/IS requirements?<\/li>\n<li><strong>Assess current state:<\/strong> What is the current state of maintaining personal data?<\/li>\n<li><strong>Leverage existing processes:<\/strong> Can existing processes be used, or will new ones need to be created?<\/li>\n<li><strong>Determine data ownership:<\/strong> Who owns the data, and who is responsible for maintaining it?<\/li>\n<li><strong>Sustainability:<\/strong> How will the organization keep the data inventory current? Is it sustainable?<\/li>\n<\/ul>\n<h3>Step 2: Build out<\/h3>\n<p>Once the planning is complete, start building out the data inventory:<\/p>\n<ul>\n<li><strong>Identify business activities:<\/strong> Recognize internal and external activities that process personal data.<\/li>\n<li><strong>Engage data owners and SMEs:<\/strong> Identify and collaborate with data owners or subject matter experts (SMEs).<\/li>\n<li><strong>Transparency and commitment:<\/strong> Be clear about time commitments and expectations with SMEs and their leadership.<\/li>\n<li><strong>Collect data:<\/strong>\n<ul>\n<li>Conduct interviews<\/li>\n<li>Distribute surveys<\/li>\n<li>Use automated <a href=\"https:\/\/trustarc.com\/resource\/webinar-unlock-the-power-of-code-based-data-discovery-with-trustarc-and-privya\/\" target=\"_blank\" rel=\"noopener\">data discovery<\/a> and scanning tools<\/li>\n<\/ul>\n<\/li>\n<li><strong>Review and approve:<\/strong> Ensure the completeness of business activities and personal data processing.<\/li>\n<li><strong>Validate and map:<\/strong> Validate content and develop optional data flow maps to visualize processing activities.<\/li>\n<\/ul>\n<h3>Step 3: Assess risk and remediate<\/h3>\n<p>With the data inventory in place, the next step is to assess the risk:<\/p>\n<ul>\n<li><strong>Risk assessment:<\/strong>\n<ul>\n<li>Identify high-risk business processes.<\/li>\n<li>Determine if personal data crosses international borders.<\/li>\n<li>Check for automated scoring or AI use.<\/li>\n<li>Identify special categories of data (e.g., ethnicity, religion, etc.).<\/li>\n<li>Assess medical data, including biometrics.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Sort by risk:<\/strong>\n<ul>\n<li>Sort business processes by high to low risk using a risk-based model.<\/li>\n<li>Further assess high and medium-risk activities to reduce inherent risk and establish target residual risk.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Complete PIAs:<\/strong>\n<ul>\n<li>Conduct Privacy Impact Assessments (PIAs) with SMEs and data owners.<\/li>\n<li>Identify compliance gaps and minimize risk areas.<\/li>\n<li>Document assessment activities and results for potential requests by authorities.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3>Step 4: Publish and demonstrate<\/h3>\n<p>The final step is to publish your data inventory:<\/p>\n<ul>\n<li><strong>Collate findings:<\/strong> Compile the inventory so it can be used organization-wide.<\/li>\n<li><strong>Software tools:<\/strong> For larger data inventories or dynamic data processing, consider leveraging software tools such as <a href=\"\/products\/privacy-data-governance\/data-inventory-mapping\/\">Data Mapping &amp; Risk Manager<\/a>.<\/li>\n<li><strong>Maintain accuracy:<\/strong> Ensure SMEs or business activity owners keep the content current and accurate, as it is important to continuously assess and monitor for privacy risks<\/li>\n<\/ul>\n<h2>Build a comprehensive data inventory for your organization<\/h2>\n<p>Building a data inventory is essential for ensuring data privacy, assessing risks, and complying with regulations. By following these steps, you can ensure that your organization\u2019s data is well-documented, secure, and compliant.<\/p>\n<p>When it comes to your data and vendor management for compliance, it is important to continuously assess and monitor for privacy risks. Use TrustArc\u2019s <a href=\"\/products\/privacy-data-governance\/data-inventory-mapping\/\">Data Mapping &amp; Risk Manager<\/a> to automate data mapping and risk management. Out-of-the-box templates and automated workflows help you continuously govern and generate ROPAs and Assessments to minimize your risk.<\/p>\n<h5>Continue mastering the privacy essentials by reviewing all the resources in the Privacy PowerUp series.<\/h5>\n\t\t\t\t\t\t\t\t\t<div class=\"question-box-multiple\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"question-box bg-dark\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"icon\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/icon_Checklist_Small.svg\" class=\"attachment-full size-full\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h4>Building a Data Inventory Infographic<\/h4>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<p>Access the four steps to building a comprehensive data inventory in an easy to view infographic.<\/p>\n<a href=\"\/resource\/building-data-inventory-mapping-ropa-infographic\/\" class=\"cta\">View now<\/a>\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"question-box bg-dark\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"icon\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/02\/icon_High-Performance_Small.svg\" class=\"attachment-full size-full\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<h4>PowerUp Your Privacy<\/h4>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<p>Watch all ten videos in the Privacy PowerUp series \u2013 designed to help professionals master the privacy essentials.<\/p>\n<a href=\"https:\/\/www.youtube.com\/playlist?list=PLr7xw10POYs4b4cpn1OPL0NN9BCURd5AZ\" target=\"_blank\" rel=\"noreferrer\" class=\"cta\">Watch now<\/a>\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<p>Read the next article in this series: #4 <em><a href=\"\/resource\/understanding-individual-rights\/\">Understanding Data Subject Rights (Individual Rights) and Their Importance<\/a>.<\/em><\/p>\n<p><strong>Read more from the Privacy PowerUp Series:<\/strong><\/p>\n<ol>\n<li><a href=\"https:\/\/trustarc.com\/resource\/getting-started-in-privacy\/\">Getting Started in Privacy<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/data-collection-minimization-retention-deletion-necessity\/\">Data Collection, Minimization, Retention, Deletion, and Necessity<\/a><\/li>\n<li><a href=\"\/resource\/building-data-inventory-mapping-ropa\/\">Building a Data Inventory, Mapping, and Records of Processing Activities (ROPA)<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/understanding-individual-rights\/\" target=\"_blank\" rel=\"noopener\">Understanding Data Subject Rights (Individual Rights) and Their Importance<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/privacy-contracting-foundations\/\" target=\"_blank\" rel=\"noopener\">The Foundations of Privacy Contracting<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/choice-consent-data-privacy\/\" target=\"_blank\" rel=\"noopener\">Choice and Consent: Key Strategies for Data Privacy<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/international-data-transfers-onward-transfers\/\" target=\"_blank\" rel=\"noopener\">Managing the Complexities of International Data Transfers and Onward Transfers<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/emerging-technologies-privacy-ai-machine-learning\/\" target=\"_blank\" rel=\"noopener\">Emerging Technologies in Privacy: AI and Machine Learning<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/privacy-program-management-buy-in-governance-hierarchy\/\" target=\"_blank\" rel=\"noopener\">Privacy Program Management: Buy-In, Governance, and Hierarchy<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/managing-privacy-across-organization\/\" target=\"_blank\" rel=\"noopener\">Managing Privacy Across the Organization<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/assess-the-risk-before-it-hits\/\" target=\"_blank\" rel=\"noopener\">Assess the Risk Before it Hits<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/contracts-that-count-data-processing-agreement\/\" target=\"_blank\" rel=\"noopener\">Contracts that Count: Mastering the 10 Most Negotiated Provisions in a Data Processing Agreement<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/selling-sharing-personal-information\/\" target=\"_blank\" rel=\"noopener\">Selling and Sharing Personal Information<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/privacy-approved-vendor-management-program\/\" target=\"_blank\" rel=\"noopener\">Building a Privacy-Approved Vendor Management Program<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/tracking-technologies-adtech-privacy-minefield\/\" target=\"_blank\" rel=\"noopener\">Tracking Technologies: The Hidden Backbone of AdTech and the Looming Privacy Minefield<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/data-inventory-next-level-classification\/\" target=\"_blank\" rel=\"noopener\">Data Inventory: Next-Level Classification for Privacy Professionals<\/a><\/li>\n<li><a href=\"https:\/\/trustarc.com\/resource\/incident-incoming-now-what\/\" target=\"_blank\" rel=\"noopener\">Incident Incoming\u2013Now What?<\/a><\/li>\n<\/ol>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t\t<div class=\"right sm\">\n\t\t\t\t<div class=\"share-it\">\n\t\t\t\t\t<strong class=\"title block uppercase\">Follow us<\/strong>\n\t\t\t\t\t<div class=\"soc-list\">\n\t\t\t\t\t\t<a href=\"https:\/\/www.linkedin.com\/company\/trustarc\/\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/themes\/trustarc\/assets\/dist\/images\/li-dark.svg\" alt=\"\" \/><\/a>\n\t\t\t\t\t\t<a href=\"\nhttps:\/\/twitter.com\/TrustArc\" target=\"_blank\"><img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/themes\/trustarc\/assets\/dist\/images\/tw-dark.svg\" alt=\"\" \/><\/a>\n\t\t\t\t\t\t<a href=\"javascript:;\" id=\"copy-url\"><img decoding=\"async\" src=\"https:\/\/trustarc.com\/wp-content\/themes\/trustarc\/assets\/dist\/images\/link-dark.svg\" alt=\"\" \/><\/a>\n\t\t\t\t\t\t<span class=\"copied\" style=\"display:none;\">Link Copied!<\/span>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t\t<div class=\"key-topics\">\n\t\t\t\t\t\t<strong class=\"title block uppercase\">Key Topics<\/strong>\n\t\t\t\t\t\t<ul>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href=\"https:\/\/trustarc.com\/topic-resource\/data-inventory\/\" class=\"badge\">Data Inventory<\/a><\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href=\"https:\/\/trustarc.com\/topic-resource\/data-mapping\/\" class=\"badge\">Data Mapping<\/a><\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<li><a href=\"https:\/\/trustarc.com\/topic-resource\/privacy-tips\/\" class=\"badge\">Privacy Tips<\/a><\/li>\n\t\t\t\t\t\t\t\t\t\t\t\t\t<\/ul>\n\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\t\t<div class=\"cta-area\">\n\t\t\t\t\t<p>Get the latest resources sent to your inbox<\/p>\n\t\t\t\t\t<a href=\"\/subscription-center\/\" class=\"cta\">Subscribe<\/a>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\t\t<\/div>\n\t<\/section>\n\t","protected":false},"excerpt":{"rendered":"<p>Learn the four steps to building a data inventory and mapping for your privacy program from the third article in the Privacy PowerUp series.<\/p>\n","protected":false},"featured_media":1263,"template":"","topic-resource":[78,79,52],"type-resource":[6],"class_list":["post-5254","resource","type-resource","status-publish","has-post-thumbnail","hentry","topic-resource-data-inventory","topic-resource-data-mapping","topic-resource-privacy-tips","type-resource-articles"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.4 (Yoast SEO v27.4) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Building a Data Inventory, Mapping, and Records of Processing Activities (ROPA) | TrustArc<\/title>\n<meta name=\"description\" content=\"Learn the four steps to building a data inventory and mapping for your privacy program from the third article in the Privacy PowerUp series.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/trustarc.com\\\/resource\\\/building-data-inventory-mapping-ropa\\\/\",\"url\":\"https:\\\/\\\/trustarc.com\\\/resource\\\/building-data-inventory-mapping-ropa\\\/\",\"name\":\"Building a Data Inventory, Mapping, and Records of Processing Activities (ROPA) | TrustArc\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/trustarc.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/trustarc.com\\\/resource\\\/building-data-inventory-mapping-ropa\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/trustarc.com\\\/resource\\\/building-data-inventory-mapping-ropa\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/trustarc.com\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/res-feat-woven-purple-test.png\",\"datePublished\":\"2024-09-26T12:05:00+00:00\",\"dateModified\":\"2025-09-24T13:57:06+00:00\",\"description\":\"Learn the four steps to building a data inventory and mapping for your privacy program from the third article in the Privacy PowerUp series.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/trustarc.com\\\/resource\\\/building-data-inventory-mapping-ropa\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/trustarc.com\\\/resource\\\/building-data-inventory-mapping-ropa\\\/#primaryimage\",\"url\":\"https:\\\/\\\/trustarc.com\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/res-feat-woven-purple-test.png\",\"contentUrl\":\"https:\\\/\\\/trustarc.com\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/res-feat-woven-purple-test.png\",\"width\":610,\"height\":152},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/trustarc.com\\\/#website\",\"url\":\"https:\\\/\\\/trustarc.com\\\/\",\"name\":\"TrustArc\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/trustarc.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Building a Data Inventory, Mapping, and Records of Processing Activities (ROPA) | TrustArc","description":"Learn the four steps to building a data inventory and mapping for your privacy program from the third article in the Privacy PowerUp series.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/","url":"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/","name":"Building a Data Inventory, Mapping, and Records of Processing Activities (ROPA) | TrustArc","isPartOf":{"@id":"https:\/\/trustarc.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/#primaryimage"},"image":{"@id":"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/#primaryimage"},"thumbnailUrl":"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/01\/res-feat-woven-purple-test.png","datePublished":"2024-09-26T12:05:00+00:00","dateModified":"2025-09-24T13:57:06+00:00","description":"Learn the four steps to building a data inventory and mapping for your privacy program from the third article in the Privacy PowerUp series.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/trustarc.com\/resource\/building-data-inventory-mapping-ropa\/#primaryimage","url":"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/01\/res-feat-woven-purple-test.png","contentUrl":"https:\/\/trustarc.com\/wp-content\/uploads\/2024\/01\/res-feat-woven-purple-test.png","width":610,"height":152},{"@type":"WebSite","@id":"https:\/\/trustarc.com\/#website","url":"https:\/\/trustarc.com\/","name":"TrustArc","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/trustarc.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/resource\/5254","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/resource"}],"about":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/types\/resource"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/media\/1263"}],"wp:attachment":[{"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/media?parent=5254"}],"wp:term":[{"taxonomy":"topic-resource","embeddable":true,"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/topic-resource?post=5254"},{"taxonomy":"type-resource","embeddable":true,"href":"https:\/\/trustarc.com\/wp-json\/wp\/v2\/type-resource?post=5254"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}