Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Privacy/Data Protection

Welcome to the Privacy/Data Protection topic!

Collaborate, contribute, consume and create knowledge around topics such as privacy frameworks and governance (OECD), protection of data, data leaks and data communicated across borders

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

 
This Topic Has:
1267 Members
0 Online
12372 Visits

Community Leader

Amedeo808

Amedeo808

Badge: Social

Marc Vael

Marc Vael

Title: Chief Audit Executive

Badge: Influential

ShanShan

ShanShan

Badge: Social

 

NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 120 total

Must be a Topic member to contribute
View All »
Volume I is available http://www.isaca.org/Knowledge-Center/Research/ResearchDeliverables/Pages/ISACA-Privacy-Principles-and-Program-Management-Guide.aspx The ISACA Privacy Principles and Program Management Guide outlines core principles that individual...
yves_le_roux | 1/17/2017 4:02:01 AM | COMMENTS(0)
Hi All, Few days ago, a new proposal affecting the privacy field has been published by the European Commission. The title of the document is quite self explanatory: Proposal for a Regulation on Privacy and Electronic Communications and it can be consu...
Amedeo808 | 1/17/2017 3:54:06 AM | COMMENTS(0)
Hello All, I was asked a question by our senior counsel that has me running in circles: How do we limit/restrict what a 3rd Party can do with our data once we send it to them? Historically, they share documents with external partners and other law offices...
Kyle430 | 1/11/2017 10:30:40 AM | COMMENTS(7)
Recently the Spanish Data Protection Authority (AEPD) considerably boosted the Amazon IaaS services in Europe, by declaring “adequate” the guarantees provided by Mr. Bezos’s company for international personal data transfers from Europe to USA. From now on...
Amedeo808 | 12/29/2016 3:40:00 PM | COMMENTS(5)
We finally have the Guidelines on Data Protection Officers, BY Art. 29 WP (EU). Document here: http://ec.europa.eu/information_society/newsroom/image/document/2016-51/wp243_en_40855.pdf Suggestions and analysis are welcomed.
Amedeo808 | 12/20/2016 2:09:24 PM | COMMENTS(2)
Every now and then an event happens that provides a great example of how not to run a major government initiative when it comes to privacy and security. Australia has just had one of it's periodic census which is vital for future planning to meet the cur...
B Hunter | 8/30/2016 4:35:11 AM | COMMENTS(1)

Documents & Publications: 40 total

Must be a Topic member to contribute
View All »
Information Systems Assurance and Control Guideline for Verifing Compliance with Personal Data Protection Act [POLAND]
Posted by JoannaK 1083 days ago
Books
Posted by ISACA 369 days ago
Books
Posted by ISACA 422 days ago
Books
Posted by ISACA 715 days ago
In Google Spain v AEPD and Mario Costeja Gonzalez (C-131/12), the Court of Justice for the European Union (CJEU) ruled that Google must delete "inadequate, irrelevant or no longer relevant" data from its results when an individual requests it. This has generated a lot of discussion as the "right to be forgotte"n is a new right that is introduced in the Draft Proposal for a General Data Protection Regulation of 2012,
Posted by yves_le_roux 819 days ago

Events & Online Learning: 7 total

21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.
16 May 2016
ISACA International Event
Los Angeles, CA, USA
17 Oct 2016
ISACA International Event
Las Vegas, NV, US
15 May 2017
ISACA International Event
Philadelphia, PA, USA

Journal Articles: 79 total

Volume 6, 2016
by Eva Sweet, CISA, CISM
What are the benefits and impacts of the GDRP on enterprises that are in the EU and those that are outside of the EU and doing business with EU nations?
Volume 6, 2016
by Wanbil W. Lee, DBA, FBCS, FHKCS, FHKIE, FIMA, Wolfgang Zankl, Ph.D. and Henry Chang, CISM, CIPT, CISSP, DBA, FBCS
Privacy breaches disturb trust and run the risk of diluting or losing security; it is a show of disrespect to the law and a violation of ethical principles.
Volume 6, 2016
by Ilya Kabanov, Ph.D.
On 4 May 2016, after four years in the making, the European Union (EU) General Data Protection Regulation (GDPR) was published in the Official Journal of the European Union and officially set an application date.
Volume 6, 2016
by Craig Krivin, Sanjay Bhide, Sandeep Desai, Ravi Dhaval, Joe Norris, Amanthi D. Pendegraft, Susan E. Snow and Dan Wagner
The ISACA Phoenix (Arizona, USA) Chapter research committee set out to learn more about the wave of wearable devices and understand the ISACA community’s attitudes toward wearables’ potential risk and security impacts in the workplace.
Volume 5, 2016
by Tom Pendergast, Ph.D.
Despite a wealth of preventive measures, employees remain one of the costliest vectors in a number of data breaches and security incidents, which are increasing at an alarming rate.
Volume 5, 2016
by John W. Lainhart IV, CISA, CISM, CGEIT, CRISC, CIPP/G, CIPP/US, Zhiwei Fu, Ph.D., CISA, CGEIT, CRISC, CFE, CISSP, ITIL, PMP and Christopher M. Ballister, CISM, CGEIT, CRISC
Organizations need to move toward a more holistic and proactive approach to addressing security threats and managing compliance requirements in today’s information-driven economy.

Wikis: 2 total

Blog Posts: 25 total

Following BREXIT some may have thought we could avoid the upcoming EU General Data Protection Regulations (GDPR) but that is essentially not the case. If we want to continue with a close as possible business relationship with our EU friends then we nee...
Posted By : Adail703 | 0 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 1 comments
11 Feb 2016
The Author of this blog is not a Lawyer, and even if he was, he is not YOUR lawyer. Nothing that is written here should be considered Legal advice or opinion. The information presented hereafter represents the author's personal opinion and current under...
Posted By : HPMahan | 0 comments
During an audit you may find that shell scripts are used to connect to your Oracle database (these are often scheduled jobs).  In many instances this represents a security risk as the Oracle database password is hardcoded into the script.  This means th...
Posted By : Ian Cooke | 1 comments
Data Privacy in today's world has crossed over from a requirement dependent on one agency or organization to be the global phenomenon.  Today the data traverses across the countries as well as continents at the speed unimaginable in past. In a flash of se...
Posted By : Mayank | 0 comments