The clock is ticking for organizations around the world that deal with European personal data: the General Data Protection Regulation (GDPR) has been approved and requires implementation by May 25, 2018. GDPR confirms privacy as a fundamental right. Given the broad scope of the new regulation, enterprises face various practical challenges in implementing GDPR within a short timeframe. Coming to the rescue with practical guidance is ISACA's latest publication, Implementing the General Data Protection Regulation.
The publication provides a practical picture of how organizations should address the challenge of achieving GDPR compliance by the May deadline. The guide defines what a GDPR program entails, including identifying and classifying personal data, risk management, governance, internal controls and assurance, security and the management of data leaks. Furthermore, the guide provides insights on how an organization's first GDPR program can be transitioned to a complete data protection management system (DPMS).
"GDPR not only affects European organizations, but all organizations that deal with European data," says Matt Loeb, CEO of ISACA. "Companies with a solid governance structure will benefit from the implementation of the regulation, while others may find it more difficult to achieve compliance. Regardless of where your organization stands, ISACA offers numerous tools to guide organizations in adapting to these high-impact regulations."
ISACA recommends the COBIT® 5 framework to maximize effectiveness and efficiency when implementing GDPR. This framework is a proven basis for GDPR projects in both commercial and non-profit companies.
In the coming months, ISACA will provide additional resources to assist its global professional community in preparing for GDPR, including a set of free GDPR-focused webinars:
February 20, 2018 - Where do cyber risks and GDPR compliance meet?
February 21, 2018 - Implementation of GDPR
February 27, 2018 - GDPR - What you do not know can hurt you
Members can earn one CPE by attending each webinar. More information and full webinar lists can be found at www.isaca.org/webinars.
The latest book is available for $25 to members and $50 to non-members and can be purchased at www.isaca.org/implementing-gdpr.
For additional guidelines on privacy and GDPR, ISACA recommends:
Impact assessments of GDPR data protection
Approval of GDPR with COBIT 5
Implementation of a privacy protection program: use of COBIT 5 enablers with the ISACA privacy principles
ISACA Privacy Principles and Program Management Guide