Professor & Academic Director, Solvay Brussels School
Beyond the legal concerns related to defining the compliance requirements for organisations to implement GDPR, five domains of skills and expertise are identified to ensure a successful outcome. professor Georges Ataya shall describe those domains referring them to existing standards, professional certifications schemes, and bodies of knowledge.
- LEGAL AND MANAGEMENT REQUIREMENTS: Applicable regulations are weighted against Business objectives to define the milestones and phases for Data Protection requirements.
- RISK AND IMPACT ASSESSMENT: Risk Assessment and Data Protection Impact Assessment exercises shape the transformation activity.
- COMPLIANCE TRANSFORMATION: Transformation includes program and project management, process improvement and the implementation of adequate enablers to target protection levels. Agile development, maturity tracking and step based milestones are good practices.
- INFORMATION SECURITY AND PRIVACY: Build the secure platform within several architectural layers.
- RESPONSE & BREACH MANAGEMENT: Response management and breach handling activities require due care and adequate preparation.
Speech: "The five knowledge domains for a successful GDPR implementation"