Today is Data Privacy Day, which brings heightened awareness and education around the importance of recognizing and managing data privacy issues. Privacy laws and technology continue to evolve since the launch of this awareness day in 2008 to now—especially with the introduction of key privacy laws such as the California Consumer Privacy Act and emerging technologies such as robotic process automation, Internet of Things (IoT) and artificial intelligence (AI).

To help professionals navigate these changes and stay in compliance with data privacy regulations, ISACA, in partnership with ACL, has released a new complimentary white paper, Enforcing Data Privacy in the Digital World.

This resource arms enterprises with knowledge about privacy and security controls in the data life cycle, the evolution of global data privacy laws, and the impact of incorrect and/or missing data privacy controls—citing recent major data breaches at Marriott International Inc. and Uber. Enforcing Data Privacy in the Digital World then provides professionals with information to act on, including top data compliance challenges and solutions, tips for building a strong data governance program and an approach to manage enterprise data life cycle compliance needs.

The white paper also outlines several ways that enterprises can mitigate risk, including:

  • Conduct a privacy impact assessment (PIA) to identify technology, process or people, that currently use data files.
  • Assess the latest frameworks, standards, and industry best practices to implement a strong governance framework, such as COBIT 2019.
  • Implement IT governance best practices to ensure proper access and stop personal and sensitive data from being accessed by unauthorized individuals.

“Controlling risk is not only essential from the perspective of maintaining data security, business continuity, and enterprise reputation, but it is also important from a regulatory compliance standpoint with the evolution of data privacy laws,” said Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, Director of Information Security and IT Assurance at BRM Holdich and chair, ISACA Women’s Leadership Council. “There are so many factors that enterprises need to keep in mind and plans they should be implementing; this resource is here to help simplify these elements and provide a measured and informed approach to preparing for, monitoring, and mitigating risk to data privacy.”

In addition to this white paper, professionals can learn more by attending the free one-hour webinar from ISACA and ACL, Enforcing Data Privacy in the New Digital World, on Thursday, 7 February, at 11 a.m. CST. Phil Shomura, Senior Product Manager at ACL, will discuss how to build a strong regulatory data governance model to ensure organizations remain compliant and explain the technologies, frameworks, and standards that can assist in this.

For more guidance and information around GDPR and privacy, including interactive learning options, resources and news, please visit www.isaca.org/gdpr.

About ISACA

Now in its 50th anniversary year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 460,000 engaged professionals—including 140,000 members—in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 220 chapters worldwide and offices in both the United States and China.