Compliance with the General Data Protection Regulation (GDPR) begins on the 25th May 2018, giving us almost six months to finalize GDPR preparations. Doing nothing is not an option.
The exact number of days left can be found HERE. For an overview of what GDPR means for people, roles, responsibilities and IT systems, read the blog: An approach to GDPR
GDPR goes hand in hand with the need for strong data security and cybersecurity. COBIT® 5 will help you prepare. ISACA has a useful guide in the public domain that provides all the mappings HERE.
True readiness covers understanding, preparing for and testing out the basic concepts, the legal requirements and the contents of the GDPR preparedness plan.
Things that validate basic understanding are:
There are two useful sites people can refer to: this one for the UK and this one for parts of the EU.
Whilst these are only two of several sources, they are a good place to start understanding the demands and complexities of 28 nations domestically enacting one regulation.
Another law firm, Norton Rose Fulbright, has a checklist that decodes the legal aspects into business language, offering a different perspective to ISACA’s guidance. Download the PDF HERE. Understanding both will aid organizations’ ability to apply GDPR successfully.
In summary, the key aspects are: