Published by Candice Chapman. Modified over 5 years ago.
1
Automating the Monitoring & Management of GDPR Compliance
By Paul O’Brien 6th March 2019
2
Introduction
Experienced Risk & Compliance Professionals
Members of IRM, IOB, ACOI, ACCA, ISI...
Involved in the Development of Standards
We supply a Governance, Risk & Compliance Software Solution called CalQRisk
CalQRisk is used by 170+ regulated firms
Including Brokers, Financial Advisors, Fund Management Companies, Fund Administrators, Credit Unions, Solicitors, Hotels, Charities and Local Authorities
3
Agenda
Introduction
What to monitor
Case Study
Automating the Management of GDPR
Effective and Meaningful Monitoring
Using the inputs to improve the outcomes
4
What to monitor and how often?
Compliance with internal policies and procedures
Use of personal data
Imparting of information
Data retention and deletion
Response to Data Subject requests
Facilitating DS exercise of rights
Does every Process have an owner?
5
Why Monitor?
6
Case Study
A Large Hotel Chain
75 entities worldwide
Different National Cultures
Standardisation of Processes
Confirmation of Application of Corporate Standard Processes
Daily / Weekly / Monthly / Quarterly / Annually
Supported by appropriate Audit
7
Automate the Risk Assessment Process
8
Typical Monitoring Question Set
9
Automate the Input Gathering
Risk assessments
Incident and near-miss reports
Complaints
Data subject requests
Audit findings
Breach reports
Etc.
10
Data Subject Requests
11
Use the Inputs to Improve the Outcomes
Monitoring makes the vulnerabilities apparent
Prioritise issues and concentrate resources where they are most needed
Find common control weaknesses and redesign process to get better results
Modify the monitoring frequency in response to the input
12
Make Monitoring Easy and Meaningful
Leadership needs confirmation that the procedures are being followed by all those responsible all the time
Those responsible need to be able to attest to the effectiveness of the processes
Only ask monitoring questions that are meaningful
If the monitoring tells you the process is not working – Change the Process
13
Monitor Compliance
14
Thank You