A framework to initiate and control the implementation of information security
Respect for human rights while enabling the free flow of information
Process capability assessment and improvement
Performance measurement and compliance monitoring for IT governance.
A framework for the Governance and Management of IT
Leaders in COBIT 5 implementation and assessments
Global leaders in the design and implementation of IT governance frameworks and mechanisms.
Experienced, skilled and practical assistance in building capability and improving performance.
Quick and effective value delivery and the governance of risk management.
One of the key requirements of the General Data Protection Regulation (GDPR) is that in certain circumstances data controllers and processors must designate a Data Protection Officer (the DPO) as part of the accountability framework. The role of a DPO is to be the central point of contact for data controllers or processors and their employees to receive advice on their obligations under the GDPR, and to act as the contact person for supervisory authorities and for data subjects making information requests or lodging complaints.
The main tasks of the DPO are:
DPOs do not have to be lawyers but need to be suitably qualified, with expert knowledge of data protection law and practices. From a practical perspective, DPOs must have a good understanding of the organisation’s data processing arrangements, be familiar with its information and technology infrastructure and be prepared to respond to requests from individuals who want to exercise their rights about the processing of their personal data.
A well-designed governance and management system can help data controllers and operators institutionalise the enablers of GDPR compliance and provide greater visibility, flexibility and efficiency in managing data protection. Business environments are constantly evolving and require ongoing changes to technology, information and risk requirements. Built upon 20+ years of privacy experience and a unique combination of technology, methodology and expertise, a GDPR governance and management system offers a comprehensive solution to managing the full data protection life cycle.
One of the most important aspects of the General Data Protection Regulation is the principle of accountability. It requires that those processing personal data take full responsibility for their actions and be able to demonstrate that they did all that is necessary to comply with their data protection obligations. Since the processing of personal data is ubiquitous, ensuring adherence to the many stringent rules of the GDPR will be challenging for most data controllers.
The European Commission’s General Data Protection Regulation (GDPR) has many stringent rules regarding the collection and processing of personal data for the purpose of protecting fundamental rights and freedoms of natural persons. Non-compliant data controllers and processors face significant fines and penalties once the GDPR comes into force in May 2018. A governance and management system will institutionalise the enablers of data protection and manage GDPR compliance.
Building on 20+ years of experience with fulfilling the extensive requirements for data protection in Germany, this GDPR Programme Management System is a unique combination of technology, processes and expertise that offers a comprehensive, cost-effective solution for managing the full GDPR programme, from planning through implementation, GDPR-compliant business operations, monitoring and continuous improvement. It also provides DPOs with workflow management to handle data subject and regulator requests, respond to incidents and provide breach notifications promptly.