The deadline for GDPR compliance is May 25—but companies still are not prepared. New global research conducted by ISACA in April 2018 finds that fewer than 1 in 3 organizations will be fully compliant by that date.
View the survey findings to learn about organizations’ biggest compliance challenges, the level of executive buy-in, the top benefits expected from GDPR compliance and more.Download Report
“Survey results indicate that data discovery and mapping is a top challenge for many organisations preparing for GDPR compliance. Many organisations have likely set up data mapping workflows in response to arbitrary compliance targets. It is doubtful, however, whether in the majority of cases, those workflows have been designed to outlive GDPR compliance programs and support more strategic, longer-term data governance activities. The enduring benefit to many organisations will not be the ability to simply present neat data flows in response to audit requests or as DPO artefacts. Rather, it will be the ability to embed and mature the data discovery and mapping process as good practice within the organisation. Like many other aspects of GDPR compliance, the real journey begins after 25 May, 2018."
“Training and education, at this point in time, is too low. Even if organizations haven’t met all other requirements, they still can, and should, provide general training about what GDPR is, how it impacts their organization at a high level, and then give notice to their employees that more specific training will be coming. Every organization needs to provide some level of training about GDPR; don’t wait until everything else has been done.”
View the news release highlighting key ISACA research findings on GDPR compliance.View News
A Key Challenge in Achieving GDPR Compliance
View ISACA resources for GDPR compliance, including a free self-assessment toolView Resources