• A framework to initiate and control the implementation of information security

    A framework to initiate and control the implementation of information security

  • Respect for human rights while enabling the free flow of information

    Respect for human rights while enabling the free flow of information

  • Process capability assessment and impovement

    Process capability assessment and impovement

  • Performance measurement and compliance monitoring for IT governance.

    Performance measurement and compliance monitoring for IT governance.

  • A framework for the Governance and Management of IT

    A framework for the Governance and Management of IT

  • Leaders in COBIT 5 implementation and assessments

    Leaders in COBIT 5 implementation and assessments

Main Promo Images

Why choose the IT Governance Network?

Global leaders in the design and implementation of IT governance frameworks and mechanisms.

Experienced, skilled and practical assistance in building capability and improving performance.

Quick and effective value delivery and the governance of risk management.

  • Home
×

Message

EU e-Privacy Directive

This website uses cookies to manage authentication, navigation, and other functions. By using our website, you agree that we can place these types of cookies on your device.

View e-Privacy Directive Documents

You have declined cookies. This decision can be reversed.

Continuous Monitoring of the status of compliance with the GDPR

Approaches to GDPR compliance based on checklists are pervasive. So too is the knowledge that a checklist based approach does not accomplish much. They are superficial and ineffective in fulfilling the obligations of the GDPR. Enormous amounts of time are often spent preparing for and conducting “gap analyses” by answering standard questions when in the blink of an eye compliance becomes non-compliance. Continuous monitoring has a role to play.

Demonstrating compliance with the GDPR

Not only do organisations have to comply with the GDPR, they also have to be able to demonstrate compliance. The GDPR focuses on the concept of accountability whereby establishments have to "demonstrate" compliance with the principles relating to the processing of personal data. This will involve implementing more demonstrable processes and maintaining a proactive approach to creating history logs and retaining evidence.

Would a Governance and Management System help with GDPR compliance?

The European Commission’s General Data Protection Regulation (GDPR) has many stringent rules regarding the collection and processing of personal data for the purpose of protecting fundamental rights and freedoms of natural persons. Non-compliant data controllers and processors face significant fines and penalties once the GDPR comes into force in May 2018. A governance and management system will institutionalise the enablers of data protection and manage GDPR compliance.

Tools that will assist the Data Protection Officer

One of the key requirements of the General Data Protection Regulation (GDPR) is that in certain circumstances data controllers and processors must designate a Data Protection Officer (the DPO) as part of the accountability framework. The role of a DPO is to be the central point of contact for data controllers or processors and their employees to receive advice on their obligations with the GDPR and act as the contact person for supervisory authorities and data subjects with information requests or lodging complaints. 

Overcoming the Challenges of GDPR Compliance

One of the most important aspects of the General Data Protection Regulation is the principle of accountability. It requires that those processing personal data have to take full responsibility for their actions and must be able to demonstrate that they did all what is necessary in order to comply with their data protection obligations. Since the processing of personal data is ubiquitous, ensuring adherence to the many stringent rules of the GDPR will be challenging for most data controllers.

Solutions for managing a GDPR Compliance Programme

A well designed governance and management system can assist data controllers and operators institutionalise the enablers of GDPR compliance and provide greater visibility, flexibility and efficiency in managing data protection. Business environments are constantly evolving and require ongoing changes to technology, information and risk requirements. Built upon 20+ years of privacy experience and a unique combination of technology, methodology and expertise, a GDPR governance and management system offers a comprehensive solution to managing the full data protection life cycle.

GDPR Programme Management

Building on 20+ years of experience with fulfilling the extensive requirements for data protection in Germany, this GDPR Programme Management System is a unique combination of technology, processes and expertise to offer a comprehensive solution to manage the full GDPR programme, from planning, through implementation, GDPR compliant business operations, monitoring and continuous improvement in a cost effective way. It also provides DPO’s with workflow management to handle data subject and regulator requests, respond to incidents and provide breach notifications promptly.

Capability Assessment & Improvement

COBIT 5 capability assessments can be highly subjective and depend on the assessor's IT knowledge and experience. The ITGN has the skill, experience and tools needed to ensure reliable results.

Learn more...

COBIT Management System

Improve your IT organisation's efficiency and effectiveness with a management system to coordinate and continuously improve the operational practices.

Read more...

Go to top