WHO: Any enterprise that conducts business and retains personal information on just one citizen in the EU.
WHAT: New data privacy mandates have been issued by European Union regulation.
WHEN: GDPR compliance must be achieved by 25 May 2018.
WHERE: Includes any organization anywhere in the world…if it retains information on any citizen in the EU.
WHY: To better protect any individual's personal information, to secure rights for the individual over that collected information, and to force enterprises to follow a uniform scheme for data protection.
HOW: Follow ISACA's privacy guidance on how best for your enterprise and its staff to assess your unique data protection needs and meet the GDPR compliance standards set by the EU.
Sign up and learn with others in an interactive environment at international conferences or through online webinars. Reserve your spot today!
Data such as personally identifiable information flows freely across organizations. A siloed approach to privacy has fallen short of addressing consumers' right to privacy. Building in data protection safeguards should happen from the earliest stages.
The cloud "shared responsibility model" isn't new, but defining these responsibilities and assigning accountability continues to evolve, including new compliance for GDPR mandates.
Offers six separate GDPR sessions, including: Tackling the GDPR: A Roadmap to Compliance; GDPR Pain Points; Protect Your Data Against Insider Threats; Privacy in a Contextual World; After the Enforcement - Journey to GDPR; So the GDPR is Here, Now What?
GDPR becomes enforceable on 25 May 2018. Organizations must ensure there is continued focus on data protection beyond May 2018 and not just from a GDPR perspective. A robust operational lifecycle and governance framework is a prerequisite for ensuring ongoing compliance with applicable legislation.
The global privacy landscape has been rapidly evolving; new laws and advances in technology, both for hacking and securing personal data, appear regularly. Organizations must consider protecting people's privacy when they set up new business systems and review existing business processes or face legal scrutiny as well as reputational harm.
Learn more about how cyberrisks can translate into non-compliance with laws and regulations. With its global impact and prescriptive nature, GDPR has been selected as the area of focus for this session.
This webinar will offer practical advice on implementing the Regulation and provide a high-level view on how enterprises should approach the practical challenge of achieving an adequate level of GDPR compliance by the target date of May 2018.
GDPR introduces complex regulatory requirements that can paralyze an unprepared company. The strategic opportunity is assessing the principles of GDPR to manage risks by implementing meaningful changes in how your business incorporates privacy protection into operations.
This webinar briefly examines the importance of a sound Data Protection Strategy, the competencies and responsibilities needed in an organization to support the strategy, the key elements to establish in the operational life cycle, and the relevant standards to consider.
A significant requirement of GDPR is for organizations to conduct data protection impact assessments (DPIAs) to identify and reduce the data protection risks within projects and systems, as well as reduce the likelihood of privacy harms to data subjects.
More than 50% of businesses today don't have a strategy to address GDPR, the European General Data Protection Regulation. For companies that fail to comply, the cost of non-compliance can be high: as much as 4% of annual turnover.
The digitalization of processes is advancing rapidly, taking the world through a transformation underpinned by intensive use of data, which in many cases includes the processing of personal data.
The General Data Protection Regulation (GDPR), taking effect in May of 2018, will reset best practices for data privacy and protection globally. Preparing for GDPR is no small task. This, in addition to the substantial penalties for non-compliance, has propelled data protection as a business risk directly into the boardroom.
With the deadline for organizations to become GDPR-compliant fast approaching, security and privacy professionals must act quickly. But where do you start to tackle what seems an overwhelming task? What should you include as part of your strategy?
As you develop a data protection strategy and plan for your enterprise, take advantage of the knowledge and thought leadership provided by ISACA's worldwide network of experts.
All ISACA Journal articles less than a year old are accessible by members only.
Stay on top of the latest news and current events about GDPR, and see what ISACA thought leaders have to say about the importance of complying with this new regulatory development and the strategic opportunities it affords forward-thinking enterprises.
ISACA is already acknowledged as a global thought leader in the information risk, governance and security space, providing relevant guidance and internationally recognized certifications. This, together with ISACA's strong European presence, means that ISACA is ideally positioned to provide practical and pragmatic guidance to help organizations prepare for the requirements of GDPR, particularly in the areas of privacy by design, appropriate security protection and the role of the Data Protection Officer.
International Data Privacy Day is a global celebration observed annually on 28 January. As an International Data Privacy Day champion, ISACA recognizes and supports the ideal that individuals, organizations, businesses and government all share the responsibility to be aware of privacy challenges and encourages everyone to bring information privacy into their daily thoughts, conversations and actions.