Conference set to prepare IT governance, risk and compliance professionals for the coming changes
Rolling Meadows, IL, USA (4 April 2017) — As we approach the one-year GDPR countdown, ISACA’s European Computer Audit, Control and Security (EuroCACS) Conference, taking place on 29–31 May 2017 in Munich, Germany, is set to feature a number of sessions focused on preparing for the impact of the General Data Protection Regulation (GDPR) on IT governance, risk and compliance.
GDPR comes into force on May 25, 2018. Its aim is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world, vastly different from the time in which the previous 1995 directive was established. Attendees at EuroCACS will benefit from sessions that explain more about the regulation, its impact and how to prepare for it.
“We should not underestimate the impact that GDPR is going to have when it comes into force next year,” said Tim Clements, CIPP/E, CIPM, CIPT, CRISC, CGEIT, MBCS CITP, GDPR project manager and advisor. “It is set to fundamentally change and likely expand the roles of those working in governance, risk and compliance. Professionals working in these sectors will be looking for guidance as they prepare for the coming changes and this is why it is a major focus of the next EuroCACS conference as the countdown to GDPR begins.” Clements will be presenting a session and a workshop on GDPR at EuroCACS in Munich.
While the key principles remain true from that 1995 directive, many changes have been proposed to take the rules right up to date with modern business and personal trends in technology, with major updates including:
A Bigger Territory
One of the biggest changes that will come with GDPR is that it applies to all companies processing the personal data of citizens residing in the EU, regardless of the company’s location. With the online, global nature of digital business, the impact of GDPR is set to be felt much more widely than current regulations.
Coming Clean on Breaches
Serious breaches, which are likely to “result in a risk for the rights and freedoms of individuals,” must be reported within 72 hours. Those in breach can be fined up to 4% of annual global turnover, or €20 million – whichever is greater.
No More Legalese When Asking for Consent
Those long, illegible terms and conditions full of legalese will be no more. Requests for consent must be given in an intelligible and easily accessible form using clear, plain language. It must also be as easy to withdraw consent as to give it.
Right to Access and Right to be Forgotten
Citizens will be given much greater access to and control over their data. The data controller must be able to confirm whether or not personal data is being processed, where and for what purpose – also providing a copy without charge. It can also be requested that the data controller erase personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data too.
Beyond GDPR, the event will also cover tracks on Audit and Assurance, Cybersecurity, GRC/COBIT and Data Analytics & Information Management. Pre- and post-conference workshops will cover topics such as Cyber Security Fundamentals, COBIT 5, Governance of Enterprise IT (GEIT) and Cyber Security for Auditors.
Attendees will also hear opening and closing keynote addresses from Dan Cobley, former managing director of Google in the UK and Ireland, and Margaret Heffernan, CEO of five companies and prize-winning author of five books.
More information about the EuroCACS programme is available at: www.isaca.org/eucacs2017.
ISACA (isaca.org) helps professionals around the globe realize the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organizations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organizations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organizations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.
Joanne Duffer, +1.847.660.5564, [email protected]
John Julitz, +1.847.660.5769, [email protected]