WHO: Enterprises that offer goods or services (regardless of whether payment is required) within the EU as well as enterprises that monitor EU subjects' behavior within the EU.
WHAT: New data privacy mandates have been issued by European Union regulation.
WHEN: GDPR compliance must be achieved by 25 May 2018.
WHERE: Includes any organization in the world if it retains or processes information on any citizen in the EU.
WHY: To better protect any individual's personal information, to secure rights for the individual over that collected information, and to force enterprises to follow a uniform scheme for data protection.
HOW: Follow ISACA's privacy guidance on how your enterprise and its staff can best assess your unique data protection needs and meet the GDPR compliance standards set by the EU.
Sign up and learn with others in an interactive environment at international conferences or through online webinars. Reserve your spot today!
Generate a roadmap for GDPR implementation and compliance based on the answers to a series of questions/statements. The resulting customized assessment offers insights as to where your organization should focus its data protection efforts. Register now for complimentary access to this comprehensive online interface.
Data such as personally identifiable information flows freely across organizations. A siloed approach to privacy has fallen short of addressing consumers' right to privacy. Data protection safeguards should be built in from the earliest stages.
The cloud "shared responsibility model" isn't new but defining these responsibilities and assigning accountability continues to evolve, including new compliance for GDPR mandates.
Offers six separate GDPR sessions, including—Tackling the GDPR: A Roadmap to Compliance; GDPR Pain Points; Protect Your Data Against Insider Threats; Privacy in a Contextual World; After the Enforcement - Journey to GDPR; So the GDPR is Here, Now What?
GDPR becomes enforceable on 25 May 2018. Organizations must ensure there is continued focus on data protection beyond May 2018 and not just from a GDPR perspective. A robust operational lifecycle and governance framework is a prerequisite for ensuring ongoing compliance with applicable legislation.
The global privacy landscape has been rapidly evolving; new laws and advances in technology, both for hacking and securing personal data, appear regularly. Organizations must consider protecting people's privacy when they set up new business systems and review existing business processes or face legal scrutiny as well as reputational harm.
On 25 May 2018, GDPR goes into effect along with penalties for those who violate the EU’s demand for tighter data protection. GDPR provides an example of how a looming stack of fast-approaching regulations can fill countless security professionals with anxiety and dread. Put the fears to rest. In this webinar, we’ll show you the principles needed for GDPR success: risk-based data protection, measuring security effectiveness, monitoring data protection, and orchestrating persistent compliance.
Join fellow professionals across business and IS/IT for a dynamic discussion of critical issues affecting your organization’s data protection and stakeholder privacy. Attend ISACA’s FREE Virtual Summit—a half-day event featuring live presentations and opportunities to connect with peers around the world. Get ahead of the evolving regulatory and compliance environment of IT privacy and data protection. 4 CPEs.
The key to overcoming the initial hurdles of GDPR is for forward-thinking companies to build a defensible position. This will allow the organization to quickly, easily, and definitively prove to regulators that the most material compliance steps have been taken and that a concrete plan is in place to address what remains.
This webinar briefly examines the importance of a sound Data Protection Strategy, the competencies and responsibilities needed in an organization to support the strategy, the key elements to establish in the operational life cycle, and the relevant standards to consider.
GDPR introduces complex regulatory requirements that can paralyze an unprepared company. The strategic opportunity is assessing the principles of GDPR to manage risks by implementing meaningful changes in how your business incorporates privacy protection into operations.
This webinar will offer practical advice on implementing the Regulation and provide a high-level view on how enterprises should approach the practical challenge of achieving an adequate level of GDPR compliance by the target date of May 2018.
Learn more about how cyberrisks can translate into non-compliance with laws and regulations. With its global impact and prescriptive nature, GDPR has been selected as the area of focus for this session.
A significant requirement of GDPR is for organizations to conduct data protection impact assessments (DPIAs) to identify and reduce the data protection risks within projects and systems, as well as reduce the likelihood of privacy harms to data subjects.
More than 50% of businesses today don't have a strategy to address GDPR, the European General Data Protection Regulation. For companies that fail to comply, the cost of non-compliance can be high—as much as 4% of annual turnover.
The digitalization of processes is advancing rapidly, taking the world through a transformation supported by intensive use of data, which in many cases includes the processing of personal data.
The General Data Protection Regulation (GDPR), taking effect in May of 2018, will reset best practices for data privacy and protection globally. Preparing for GDPR is no small task. This, in addition to the substantial penalties for non-compliance, has propelled data protection as a business risk directly into the boardroom.
With the deadline for organizations to become GDPR-compliant fast approaching, security and privacy professionals must act quickly. But where do you start to tackle what seems an overwhelming task? What should you include as part of your strategy?
As you develop a data protection strategy and plan for your enterprise, take advantage of the knowledge and thought leadership provided by ISACA's worldwide network of experts.
All ISACA Journal articles less than a year old are accessible by members only.
Not a member? Learn more about ISACA and member-only benefits.
Volume 6, 2017
Volume 6, 2016
Volume 4, 2015
COBIT Focus newsletter
Stay on top of the latest news and current events about GDPR, and see what ISACA thought leaders have to say about the importance of complying with this new regulatory development and the strategic opportunities it affords forward-thinking enterprises.
ISACA is already acknowledged as a global thought leader in the information risk, governance and security space, providing relevant guidance and internationally recognized certifications. This, together with ISACA's strong European presence, means that ISACA is ideally positioned to provide practical and pragmatic guidance to help organizations prepare for the requirements of GDPR, particularly in the areas of privacy by design, appropriate security protection and the role of the Data Protection Officer.
International Data Privacy Day is a global celebration observed annually on 28 January. As an International Data Privacy Day champion, ISACA recognizes and supports the ideal that individuals, organizations, businesses and government all share the responsibility to be aware of privacy challenges and encourages everyone to bring information privacy into their daily thoughts, conversations and actions.