Find Resources & Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

You must be logged in to join this group.

Privacy/Data Protection

Welcome to the Privacy/Data Protection topic!

Collaborate, contribute, consume and create knowledge around topics such as privacy frameworks and governance (OECD), protection of data, data leaks and data communicated across borders

ISACA members can participate by clicking on the “Join this Community” button. You must be signed into the site. Set your alerts to be notified of new discussion activity within this community. Not an ISACA member? Join now!

This Topic Has:
1352 Members
1 Online
13083 Visits

Community Leader



Badge: Social

Marc Vael

Marc Vael

Title: Chief Audit Executive

Badge: Energizer



Badge: Social


NEW! Activity Badges

Badges help others understand your level of community activity and your reputation as a contributor within the Knowledge Center. Learn More.

Discussions: 126 total

Must be a Topic member to contribute
View All »
Hi all, Could someone please share a template/inventory or an URL on interesting ressources to perform an inventory and prepare the Data Protection Impact analysis for the GDPR? Many thanks Laurent JANSSENSCIO a.i. Red Cross Belgium 
LJA-BE | 6/16/2017 9:01:33 PM | COMMENTS(4)
What is the impact of social media on data privacy in business organisations? Can organisations ban social media  due some risks of sensitive data being shared across?
PRECIOUS785 | 4/20/2017 4:21:29 AM | COMMENTS(5)
Google analytics is a helpfull tool for webdevelopers to evaluate the use of their application. Google is also known to gather information for its own use. As security officer I think that using Google Analytics for an Health Care application is risky. Fo...
Gilbert van Zeijl | 4/6/2017 7:18:20 AM | COMMENTS(3)
Hello All, I was asked a question by our senior counsel that has me running in circles: How do we limit/restrict what a 3rd Party can do with our data once we send it to them? Historically, they share documents with external partners and other law offices...
Kyle430 | 3/14/2017 3:18:12 AM | COMMENTS(10)
Hi All, I've been asked to come up with an outline scope/plan for an Encryption audit for my org. We've never done one before. They aren't sure what the scope should be yet, and I have so many avenues - data at rest vs. data in transit, VPN security, desk...
Jeff Murfin | 3/13/2017 12:51:53 PM | COMMENTS(2)
what is the information security perspective if the customers reported receiving SMS for transactions they had not performed where this transactions for others customers and sent to them by system error ?
Tarek EL-Sherif | 3/12/2017 5:14:20 AM | COMMENTS(0)

Documents & Publications: 39 total

Must be a Topic member to contribute
View All »
Information Systems Assurance and Control Guideline for Verifing Compliance with Personal Data Protection Act [POLAND]
Posted by JoannaK 1297 days ago
Posted by ISACA 583 days ago
Posted by ISACA 636 days ago
Posted by ISACA 929 days ago

Events & Online Learning: 19 total

21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM —the leading European conference for IT audit, assurance, security and risk professionals.
16 May 2016
ISACA International Event
Los Angeles, CA, USA
17 Oct 2016
ISACA International Event
Las Vegas, NV, US

Journal Articles: 86 total

Volume 4, 2107
The root causes of privacy incidents include the outsourcing of data, malicious insiders, system glitches, cyberattacks, and the failure to shred or dispose of privacy data properly.
Volume 4, 2017
by Guy Ngambeket, CISA, CISM, CGEIT, ITIL v3 , PMP
Remote working has a lot of advantages, both for the company and the employees. In the past years, it has become increasingly used by companies as a perk.
Volume 3, 2017
by Hemant Patel, CISM, ITIL, PMP, TOGAF
Security needs to be addressed at all stages of the IoT system life cycle, including the design, installation, configuration and operational stages.
Volume 2, 2017
by Ed Moyle
To understand how the business side of any organization intersects with technology, ask an internal auditor. This might sound counterintuitive at first, but think about what auditors need to know to do their job...
Volume 2, 2017
by Kathleen Martin, CISA, CRISC
Owners of critical business data need to ensure that all application and database user entitlements and privileges are recertified on a periodic basis to make sure that only authorized individuals have access to the enterprise’s data.
Volume 1, 2017
by Rodney Piercy, CISSP, CEH
As enterprises become more dependent on technology and data, it becomes increasingly important to protect the data and ensure the security of the systems.

Wikis: 2 total

Blog Posts: 28 total

La demanda de servicios bancarios a través de Internet, producto del surgimiento de nuevas necesidades en los consumidores atraídos por el auge tecnológico, mantiene a las entidades financieras inmersas en una encrucijada en la cual deben equilibrar el ni...
Posted By : Gerardo Zuñiga | 1 comments
Senior Manager           ultimate responsibility Information security Officer          functional responsibility Security Analyst           Strategic, develops policies and guidelines Owner         - Responsible for asset         - Determine level of clas...
Posted By : Muhammad554 | 0 comments
'Data Privacy Day (known in Europe as Data Protection Day)  is an international holiday that occurs every 28 January.' [ ]   [ ]   ...
Posted By : Karoly Arnhoffer | 5 comments
Following BREXIT some may have thought we could avoid the upcoming EU General Data Protection Regulations (GDPR) but that is essentially not the case. If we want to continue with a close as possible business relationship with our EU friends then we nee...
Posted By : Adail703 | 0 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance is now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments
Yesterday’s security technology will not keep your network safe today, nor will today’s solutions protect you tomorrow. Network security must evolve. And at a rate that keeps it always one step ahead of the threats. These could include factors such as you...
Posted By : rasoolirfan | 1 comments