Presentation is loading. Please wait.

Presentation is loading. Please wait.

Automating the Monitoring & Management of GDPR Compliance

Published byCandice Chapman Modified over 6 years ago

Similar presentations

Presentation on theme: "Automating the Monitoring & Management of GDPR Compliance"— Presentation transcript:

1 Automating the Monitoring & Management of GDPR Compliance
By Paul O’Brien 6th March 2019

2 Introduction Experienced Risk & Compliance Professionals
Members of IRM, IOB, ACOI, ACCA, ISI... Involved in the Development of Standards We supply a Governance, Risk & Compliance Software Solution called CalQRisk CalQRisk is used by 170+ regulated firms Including Brokers, Financial Advisors, Fund Management Companies, Fund Administrators, Credit Unions, Solicitors, Hotels, Charities and Local Authorities

3 Agenda Introduction What to monitor Case Study
Automating the Management of GDPR Effective and Meaningful Monitoring Using the inputs to improve the outcomes

4 What to monitor and how often?
Compliance with internal policies and procedures Use of personal data Imparting of information Data retention and deletion Response to Data Subject requests Facilitating DS exercise of rights Does every Process have an owner?

5 Why Monitor?

6 Case Study A Large Hotel Chain 75 entities world wide
Different National Cultures Standardisation of Processes Confirmation of Application of Corporate Standard Processes Daily / Weekly / Monthly / Quarterly / Annually Supported by appropriate Audit

7 Automate the Risk Assessment Process

8 Typical Monitoring Question Set

9 Automate the Input Gathering
Risk assessments Incident and near-miss reports Complaints Data subject requests Audit findings Breach reports Etc.

10 Data Subject Requests

11 Use the Inputs to Improve the Outcomes
Monitoring makes the vulnerabilities apparent Prioritise issues and concentrate resources where they are most needed Find common control weaknesses and redesign process to get better results Modify the monitoring frequency in response to the input

12 Make Monitoring Easy and Meaningful
Leadership needs confirmation that the procedures are being followed by all those responsible all the time Those responsible, need to be able to attest to the effectiveness of the processes Only ask monitoring questions that are meaningful If the monitoring tells you the process is not working – Change the Process

13 Monitor Compliance

14 Thank You

Download ppt "Automating the Monitoring & Management of GDPR Compliance"

Similar presentations

Confidential & Proprietary to Cooper Compliance Corporation Revised September 8, 2014 AUDiT-READY TM.

Confidential & Proprietary to Cooper Compliance Corporation Revised September 8, 2014 AUDiT-READY TM.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Central Piedmont Community College Internal Audit _____________________________ What to Expect When You Are Audited November 2014.

Central Piedmont Community College Internal Audit _____________________________ What to Expect When You Are Audited November 2014.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
1 6c: IA/PF - The Compliance Program and Modern Technology (Part 1 - Workshop) October 22, 2014 Mitch Kraskin - CEO, Compliance Science, Inc. Peter Mafteiu.

1 6c: IA/PF - The Compliance Program and Modern Technology (Part 1 - Workshop) October 22, 2014 Mitch Kraskin - CEO, Compliance Science, Inc. Peter Mafteiu.
Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.

Credit unions use social media in a variety of ways, including marketing, providing incentives, facilitating applications for new accounts, inviting feedback.
Service Provider Examinations What You Need to Know

Service Provider Examinations What You Need to Know
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Cyber Security: Now and.
Our Changing Future Unit Linked Fund Governance George McCutcheon FIA MSc– Director, Financial Risk Solutions 18 Sep 2013.

Our Changing Future Unit Linked Fund Governance George McCutcheon FIA MSc– Director, Financial Risk Solutions 18 Sep 2013.
CCAB Training Providers Event 17 November 2008 Reviews Required by QAC Heather Briers Director Chartered Accountants Regulatory Board.

CCAB Training Providers Event 17 November 2008 Reviews Required by QAC Heather Briers Director Chartered Accountants Regulatory Board.
© Securities Commission, Malaysia 1 What the Audit Oversight Board will do ICAA-MICPA Audit Forum 3 August 2010.

© Securities Commission, Malaysia 1 What the Audit Oversight Board will do ICAA-MICPA Audit Forum 3 August 2010.
Advanced Program in Auditing and Accounting Regulation Module 12 Enhancing Statutory Audit Quality from a Financial Regulator’s Perspective Presenter:

Advanced Program in Auditing and Accounting Regulation Module 12 Enhancing Statutory Audit Quality from a Financial Regulator’s Perspective Presenter:
Copyright Security-Assessment.com 2004 Vulnerability Management Explained By Peter Benson.

Copyright Security-Assessment.com 2004 Vulnerability Management Explained By Peter Benson.
November 29, 20051 The Implementation of the 8th Directive Public Oversight in Hungary Katalin Fekete Vice President Hungarian Chamber of Auditors.

November 29, The Implementation of the 8th Directive Public Oversight in Hungary Katalin Fekete Vice President Hungarian Chamber of Auditors.
The Petroleum Oil and Gas Corporation of South Africa (SOC) Ltd Reg. No. 1970/008130/07 Board Audit and Risk Committee presentation to the Parliament Portfolio.

The Petroleum Oil and Gas Corporation of South Africa (SOC) Ltd Reg. No. 1970/008130/07 Board Audit and Risk Committee presentation to the Parliament Portfolio.
V.Jawahar B.Com(Hons); FCA; Grad.CWA; ISA CISA; CISSP; CISM.

V.Jawahar B.Com(Hons); FCA; Grad.CWA; ISA CISA; CISSP; CISM.
Pro-active Security Measures

Pro-active Security Measures
CHO Code of Practice Alternative Dispute Resolution.

CHO Code of Practice Alternative Dispute Resolution.
On Demand Travel Spend Management Solutions ATRIIS Travel & Expense Management Solutions June 2011.

On Demand Travel Spend Management Solutions ATRIIS Travel & Expense Management Solutions June 2011.
Audit Committee Presentation Annual Audit Plan

Audit Committee Presentation Annual Audit Plan

Similar presentations

Ads by Google