Complete guide to GDPR compliance
The clock is ticking for organisations all over the globe dealing with European personal data to begin adopting the General Data Protection Regulation (GDPR), which requires implementation by 25 May 2018.
GDPR firmly establishes privacy as a fundamental right. Enterprises face several practical challenges in implementing GDPR within a short timeframe, given the wide scope of the new regulation.
To the rescue with practical guidance is the latest publication from ISACA, Implementing the General Data Protection Regulation.
The publication provides a hands-on view of how organisations should approach the challenge of reaching GDPR compliance by the May deadline.
The guidance defines what goes into a GDPR program, including identifying and classifying personal data, risk management, governance, internal controls and assurance, security and managing data breaches.
Furthermore, the guide provides insights on how to transition an organisation’s initial GDPR program to a full data protection management system (DPMS).
“GDPR not only affects European organisations, but all organisations that deal with any European data,” said Matt Loeb, CEO of ISACA.
“Enterprises with a solid governance structure will have an advantage in implementing the regulation, while others might find achieving compliance to be more difficult.”
ISACA recommends the COBIT 5 framework to maximise effectiveness and efficiency while implementing GDPR. This framework is a proven foundation for GDPR projects in commercial and not-for-profit enterprises alike.
In the following months, ISACA will provide additional resources to help its global professional community prepare for GDPR, including a series of free webinars:
- 20 February 2018: Where Do Cyber-Risks and GDPR Compliance Meet?
- 21 February 2018: Implementing GDPR
- 27 February 2018: GDPR — What You Don’t Know Can Hurt You
Implementing the General Data Protection Regulation is available for ISACA members at US$25 (US$50 for non-members) and can be ordered at www.isaca.org/implementing-gdpr.
Microsoft patched four critical RCE vulnerabilities in the remote desktop services component of...
Mimecast dug through over 67 billion emails rejected as spam, opportunistic and targeted attacks...
Cyber attackers are turning their focus to SMBs as larger corporations tighten their security,...