SlideShare a Scribd company logo

EVERFI/SEI Webinar: Implementing a Competitive GDPR Compliance Posture

M
Michele Collu

You can view webinar recording here: https://vimeo.com/282545375

Education
1 of 40
Download to read offline
Implementing a Competitive GDPR Compliance Posture July 26, 2018
2 Your Presenters Patricia Brady Change Management Lead SEI – Chicago Preston Clark, J.D. President, Conduct and Culture EVERFI Tom Cantwell Transformation Lead SEI – Boston Matt Conner Compliance Lead SEI – Washington, DC
GDPR Overview1 Implementation Cycle2 3 4 5 Assess Current State and Remediate Develop the Future State Maintain Compliance Implementing a Competitive GDPR Compliance Posture 6 Change Management and Training Themes and Keys to Success 7
LMS Integration HRIS Integration Single Sign On (SSO) Shibboleth About EVERFI 1,500+ 20 Languages
GDPR Overview and Implementation Cycle
6 ATLANTA | BOSTON | CHICAGO | CINCINNATI | DALLAS | MIAMI | NEW YORK | PHOENIX | WASHINGTON D.C. About our partner SEI, System Evolution Inc. For over 25 years, SEI has delivered unparalleled service and proven results through our unique combination of local expertise and nationwide collaboration. We are an employee owned, business and technology management consulting firm focused on implementing tailored solutions. With more than 280 consultants in 9 offices across the country, SEI is as invested in the success of our clients as we are in the growth and development of our neighborhoods.
A (very) Brief Review of the Law • GDPR is intended to protect all EU citizens from privacy and data breaches and includes the following key points: – Increased territorial scope – Stiff penalties including fines up to 4% of annual turnover or about $24 million, whichever is greater – Strengthened requirements for consent • GDPR data subject rights include: – Breach notification – Right to access – Right to be forgotten – Data portability – Ability to contact a company’s data protection officer 7
Poll #1 How confident are you that your company’s data procedures are robust enough to be considered compliant? 8
9 Just 26% of respondents said they felt ‘very confident’ that their data governance procedures were robust enough to be classified as compliant by the looming 25 May deadline.” 61%of marketers said that they would apply for an extension on the target date if there was an option to do so, with less than one month to go until the Information Commissioners Office (ICO) starts enforcing the rules in the UK.” -Ensighten, survey of 150 UK brand and agency-side marketing decision makers 45%of UK marketers have said their business is setting money aside to cover any potential fines issued by regulators.” GDPR Readiness Statistics
GDPR Implementation Cycle 10 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Incorporate lessons learned and audit results back into business processes, strategy, and training Update strategy, align business processes, update systems, and train employees Conduct discovery, legal review, assess findings, and remediate discrepancies
Poll #2 What phase of GDPR implementation best describes your organization? 11
Assess Current State and Remediate
Assess Current State and Remediate 13 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
Understand Where You Process Personal Information 14 IT, business divisions, and third parties are critical areas to investigate to ensure a comprehensive GDPR program IT Systems • Usually centralized • Understand how personal data flows across systems • Where are your data centers? Third Parties • Also usually centralized • Understand who you are sharing personal data with and why • Where are they located? Business Processes • Ensure organizational coverage • This is your data registry – start with the end in mind • Uncover your ”shadow IT” Business Processes Third Parties IT Systems
Current State Assessment and Remediation 15 As with any compliance program, a risk-based iterative approach can help you achieve quick wins early Identify where personal data is processed Assess through a GDPR / data privacy lens Prioritize using risk- based criteria Remediate in an iterative approach Organizational Change
Streamline Your Efforts 16 • Don’t rush the start of your identification process and work with the end in mind • Properly documenting your current state will help you streamline and centralize efforts across many common aspects of GDPR, saving you time and money Notice Consent Data Protection Impact Assessments (DPIA) Contracts Technical and Organizational Measures Policies and Procedures
Develop Future State
Develop Future State 18 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
GDPR – Future State Getting to May 25th is only the first part of the GDPR journey. Many global firms will face follow-up work to improve on initial solutions, proactively measure current controls, and confirm the competitive position of their offerings. Continuous Improvement Privacy by Design (PbD)Competitive Strategy Enduring Processes Culture | Communications | Training • Many initial GDPR solutions are manual and labor intensive • Technology and process investments can reduce the cost of compliance, improve the customer experience, and foster confidence with trade partners • Address revenue stream impacts with privacy capabilities • Identify alternative methods to achieve meaningful digital marketing 19 • Privacy by default • Inclusion of data protection during system and process design • Data minimization • Limited access • Data profitability strategy • Aligned to strategy and driven by PbD requirements • Adaptable to continuous improvement and new legislation other than GDPR • Cost and resource effective and efficient
Competitive Strategy Threats Opportunities Revenue Streams for Data Controllers: • Consent opt-in results will reduce opportunities to market consumer data • Data minimization requirements will reduce the scope of data collected for marketing Opportunities to Improve Customer Retention: • Invest in strong user experience and content design to build customer trust • Invest and market data privacy as a strength Marketing Challenges: • B2C companies that rely on targeted digital advertising will need alternative methods to make up gaps in digital advertising Marketing Alternatives: • Increased use of contextual advertising based on content being viewed (e.g., advertisements for tickets when viewing a sports page) • Replace data stores with real-time calls for dynamic advertising Revenue Streams Marketing GDPR introduces challenges that will force some businesses to revisit their revenue model. With careful planning, these challenges can be mitigated and potentially even be turned into advantages.
Continuous Improvement • Introduce back-end automation to execute on consent choices • Implement advanced analytics to understand consent elasticity opportunities • Implement MDM solutions to streamline request fulfillment • Improve intake and tracking mechanisms • Implement data mapping tools to improve visibility into processing activities, and improve governance for system changes • Introduce improved controls to reduce the risk of data breach • Design and implement improvements to ensure 72 hour reporting compliance 1 Consent Management Individual Rights2 Record of Processing 3 Security4 Many firms turned to tactical methods to ensure compliance for May 25th. Opportunities remain to improve business performance through selective investment in continuous improvements. 21
• Developing new and redesigning existing processes must be aligned to the corporate strategy, be adaptable to continuous improvement, and be rooted in the Privacy by Design requirements in GDPR • Critical to implement controls to trigger data privacy considerations prior to approval/implementation of new processing activities, projects, products, and IT systems • Build in processes and procedures to efficiently address the data privacy considerations on an enduring cost and resource effective basis • Consider IT solutions but only if it makes the process more efficient and cost effective • Educate and train employees Privacy by Design (PbD) and Developing Enduring Processes 22 In order for PbD to be effective, it must be incorporated deeply into an organization’s culture, policies, procedures, and business processes
Acculturating Privacy - Change Management and Training
Acculturating Privacy – Change Management and Training 24 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
Change Management – Key Success Factors 25 Key success factors to effectively manage change programs ADOPTION Change Execution ADVOCACY Institutionalize ACCEPTANCE Change Strategy AWARENESS Change Readiness § Leadership aligned and engaged § Stakeholder impacts identified § Barriers to change identified § Drivers of change understood § Desired outcomes articulated § Change roadmap developed § Risk mitigation plan defined § Communications plan designed § Change agents prepared to champion the change § Communications disseminated § People trained on desired behaviors and ways of working § Ongoing execution of alignment activities § Governance established § Benefits measurement underway
Change Management – Best Practices Best practices to effectively manage and drive adoption in GDPR change programs Advocacy AdoptionAwareness Acceptance § GDPR impacts a broad range of stakeholders, create segments for each stakeholder group § Engage leadership early on to ensure buy-in and facilitate decision-making § Conduct an organizational impact assessment (e.g., adding a data privacy officer (DPO), adding new responsibilities to existing roles) § Plan to ensure that privacy is both a successful cultural shift and role based change § Establish adoption criteria for what each group needs to do differently to be GDPR compliant § Create targeted messaging and engagements to guide individuals through the required change § Identify, train, and support your advocates to continuously champion data privacy § Outline and measure the activities necessary for achieving the benefits of GDPR compliance
Maintain
Maintain 28 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
Maintaining Compliance 29 Organizational Measures • Continuous and proactive efforts to maintain compliance will save time and money in the long run • GDPR compliance is a continuous effort and must become “business as usual” within the organization, not a one-time project • Be able to demonstrate to regulators that your GDPR compliance initiative has not gone stale – Mock Audits – Regular internal reviews – Continued reminders (training, education, communications) • Provide mechanism and resources to support grassroots privacy efforts – “Now that I have learned so much about GDPR, I realize we might be doing something incorrectly. Who do I go to?”
Maintaining Compliance 30 Leveraging Tools and Automation *Research courtesy of NG Data
Planning Infrastructure Example Intake Data Example: Subject Access Requests
Poll #3 How do you feel about your company’s infrastructure for handling subject access requests (SARs) e.g., IT systems, personnel resources, processes, call centers, etc.? 32
Themes and Key Takeaways
GDPR Post May 25th Operational Focus Areas PRIVACY BY DESIGN DATA GOVERNANCE TRACEABILITY & ASSURANCE TECHNOLOGY Ø Privacy as a central component to new product development Ø Data profitability strategy within confines of regulatory compliance Ø Data privacy as a competitive advantage Ø Cultural shift to Privacy by Default Ø Social, Mobile, Analytics, and Cloud (SMAC) evolving privacy strategy Ø Enabling business agility through appropriate standards and resources Ø Constant systematic monitoring and reporting –compliance is only a snapshot in time Ø Crucial for right to erasure, significant area of weakness for most large organizations Ø Data Subject Access Requests (DSAR) Ø Internal/external data protection auditing as a routine business practice Ø Need for more pointed Identity and Access Management (IAM) solutions to better manage “need-to-know” Ø Automating anonymization so critical business intelligence activities are not affected Ø Flexible architecture, allowing for low cost adaptability to future regulatory demands vLeverage GDPR practices and experience to get ahead of future regulatory changes beyond the EU
Keys to Success • Current state assessment and remediation will only get you to compliance at a point in time – establishment of enduring programs is critical • Include GDPR and data privacy into corporate strategy • Implement a comprehensive change management and ongoing training effort • Develop enduring processes rooted in Privacy by Design that are efficient, scalable, and adaptable • Maintain programs through regular internal reviews/mock audits, then incorporate lessons learned back into strategy and processes • With the global focus on data privacy and protection, it’s a matter of when, not if, new laws and regulations will impact your business – prepare now 35
Next Steps
37 Your Presenters Patricia Brady Change Management Lead SEI – Chicago Preston Clark, J.D. President, Conduct and Culture EVERFI Tom Cantwell Transformation Lead SEI – Boston Matt Conner Compliance Lead SEI – Washington, DC
GDPR ● Course Length: 10 minutes ● Languages: 20 ● Key Topics: ○ What is GDPR ○ When and Where GDPR Applies ○ Staffing Implications ○ Reporting Requirements ○ Data Ownership
Poll #4 How can we support you further? 39
Thank You!

Recommended

Internal Audit’s Evolving Role in Corporate GRC Strategy
Internal Audit’s Evolving Role in Corporate GRC StrategyInternal Audit’s Evolving Role in Corporate GRC Strategy
Internal Audit’s Evolving Role in Corporate GRC StrategyDavid Fernandes
 
Data Management Strategy
Data Management StrategyData Management Strategy
Data Management StrategyAxis Technology, LLC
 
Architecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk ManagementArchitecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk Managementjadams6
 
A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .
A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .
A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .jadams6
 
Axis Consulting Case Studies
Axis Consulting Case StudiesAxis Consulting Case Studies
Axis Consulting Case StudiesAxis Technology, LLC
 
7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)GBBLUME
 
Enterprise Data World Webinars: Information Management Principles
Enterprise Data World Webinars: Information Management PrinciplesEnterprise Data World Webinars: Information Management Principles
Enterprise Data World Webinars: Information Management PrinciplesDATAVERSITY
 
Ross Aymami Strategic Work
Ross Aymami Strategic WorkRoss Aymami Strategic Work
Ross Aymami Strategic WorkRoss Aymamí
 

Recommended

Internal Audit’s Evolving Role in Corporate GRC Strategy
Internal Audit’s Evolving Role in Corporate GRC StrategyInternal Audit’s Evolving Role in Corporate GRC Strategy
Internal Audit’s Evolving Role in Corporate GRC StrategyDavid Fernandes
 
Data Management Strategy
Data Management StrategyData Management Strategy
Data Management StrategyAxis Technology, LLC
 
Architecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk ManagementArchitecting the Framework for Compliance & Risk Management
Architecting the Framework for Compliance & Risk Managementjadams6
 
A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .
A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .
A Lawyer, a Salesperson and the Operations Guy Walk into a Bar . . .jadams6
 
Axis Consulting Case Studies
Axis Consulting Case StudiesAxis Consulting Case Studies
Axis Consulting Case StudiesAxis Technology, LLC
 
7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)7 Grc Myths Webinar 20110127 Final (2)
7 Grc Myths Webinar 20110127 Final (2)GBBLUME
 
Enterprise Data World Webinars: Information Management Principles
Enterprise Data World Webinars: Information Management PrinciplesEnterprise Data World Webinars: Information Management Principles
Enterprise Data World Webinars: Information Management PrinciplesDATAVERSITY
 
Ross Aymami Strategic Work
Ross Aymami Strategic WorkRoss Aymami Strategic Work
Ross Aymami Strategic WorkRoss Aymamí
 
Getting started with decision discovery
Getting started with decision discoveryGetting started with decision discovery
Getting started with decision discoveryDecision Management Solutions
 
High Performance Enterprise
High Performance EnterpriseHigh Performance Enterprise
High Performance Enterpriseguest5cc0d7
 
Masterclass Performance Measurement Framework
Masterclass Performance Measurement FrameworkMasterclass Performance Measurement Framework
Masterclass Performance Measurement FrameworkSeas of Change
 
The Decision Management Manifesto Explained
The Decision Management Manifesto ExplainedThe Decision Management Manifesto Explained
The Decision Management Manifesto ExplainedDecision Management Solutions
 
Enterprise information flow and data management
Enterprise information flow and data managementEnterprise information flow and data management
Enterprise information flow and data managementKaye Homam
 
bu
bubu
buEduardo Alvarez
 
Building a Business Case for Strategic Meetings Management Technology
Building a Business Case for Strategic Meetings Management TechnologyBuilding a Business Case for Strategic Meetings Management Technology
Building a Business Case for Strategic Meetings Management TechnologySignUp4
 
Vodafone Business Performance Measures
Vodafone Business Performance MeasuresVodafone Business Performance Measures
Vodafone Business Performance MeasuresToru Sekiguchi
 
Healthcare Client Balanced Scorecard
Healthcare Client Balanced ScorecardHealthcare Client Balanced Scorecard
Healthcare Client Balanced ScorecardGlen Alleman
 
Applying Marketing Operations Best Practice Framework
Applying Marketing Operations Best Practice FrameworkApplying Marketing Operations Best Practice Framework
Applying Marketing Operations Best Practice FrameworkClearAction Continuum
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...Decision Management Solutions
 
Corporate Performance Management
Corporate Performance ManagementCorporate Performance Management
Corporate Performance ManagementTamer Gouda
 
The Distinction Between Business Intelligence (BI) and Corporate Performance ...
The Distinction Between Business Intelligence (BI) and Corporate Performance ...The Distinction Between Business Intelligence (BI) and Corporate Performance ...
The Distinction Between Business Intelligence (BI) and Corporate Performance ...Mika Aho
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Kpi in telecommunication
Kpi in telecommunicationKpi in telecommunication
Kpi in telecommunicationbaluiabrows
 
Charting your path to delivering world class procurement
Charting your path to delivering world class procurementCharting your path to delivering world class procurement
Charting your path to delivering world class procurementProcurement For Housing
 
Corporate performance analysis
Corporate performance analysisCorporate performance analysis
Corporate performance analysisSofttech Engineers Pvt. Ltd.,Pune India (www.softtech-engr.com)
 
Balanced scorecard
Balanced scorecardBalanced scorecard
Balanced scorecardКатя Крючкова
 
Enterprise Performance Management
Enterprise Performance ManagementEnterprise Performance Management
Enterprise Performance ManagementSundarrajan Mungunthan
 
Understanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsUnderstanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsGoutama Bachtiar
 
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...DATUM LLC
 

More Related Content

What's hot

High Performance Enterprise
High Performance EnterpriseHigh Performance Enterprise
High Performance Enterpriseguest5cc0d7
 
Masterclass Performance Measurement Framework
Masterclass Performance Measurement FrameworkMasterclass Performance Measurement Framework
Masterclass Performance Measurement FrameworkSeas of Change
 
Enterprise information flow and data management
Enterprise information flow and data managementEnterprise information flow and data management
Enterprise information flow and data managementKaye Homam
 
Building a Business Case for Strategic Meetings Management Technology
Building a Business Case for Strategic Meetings Management TechnologyBuilding a Business Case for Strategic Meetings Management Technology
Building a Business Case for Strategic Meetings Management TechnologySignUp4
 
Vodafone Business Performance Measures
Vodafone Business Performance MeasuresVodafone Business Performance Measures
Vodafone Business Performance MeasuresToru Sekiguchi
 
Healthcare Client Balanced Scorecard
Healthcare Client Balanced ScorecardHealthcare Client Balanced Scorecard
Healthcare Client Balanced ScorecardGlen Alleman
 
Applying Marketing Operations Best Practice Framework
Applying Marketing Operations Best Practice FrameworkApplying Marketing Operations Best Practice Framework
Applying Marketing Operations Best Practice FrameworkClearAction Continuum
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014Paul Simidi
 
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...Decision Management Solutions
 
Corporate Performance Management
Corporate Performance ManagementCorporate Performance Management
Corporate Performance ManagementTamer Gouda
 
The Distinction Between Business Intelligence (BI) and Corporate Performance ...
The Distinction Between Business Intelligence (BI) and Corporate Performance ...The Distinction Between Business Intelligence (BI) and Corporate Performance ...
The Distinction Between Business Intelligence (BI) and Corporate Performance ...Mika Aho
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Kpi in telecommunication
Kpi in telecommunicationKpi in telecommunication
Kpi in telecommunicationbaluiabrows
 
Charting your path to delivering world class procurement
Charting your path to delivering world class procurementCharting your path to delivering world class procurement
Charting your path to delivering world class procurementProcurement For Housing
 

What's hot (20)

Getting started with decision discovery
Getting started with decision discoveryGetting started with decision discovery
Getting started with decision discovery
 
High Performance Enterprise
High Performance EnterpriseHigh Performance Enterprise
High Performance Enterprise
 
Masterclass Performance Measurement Framework
Masterclass Performance Measurement FrameworkMasterclass Performance Measurement Framework
Masterclass Performance Measurement Framework
 
The Decision Management Manifesto Explained
The Decision Management Manifesto ExplainedThe Decision Management Manifesto Explained
The Decision Management Manifesto Explained
 
Enterprise information flow and data management
Enterprise information flow and data managementEnterprise information flow and data management
Enterprise information flow and data management
 
bu
bubu
bu
 
Building a Business Case for Strategic Meetings Management Technology
Building a Business Case for Strategic Meetings Management TechnologyBuilding a Business Case for Strategic Meetings Management Technology
Building a Business Case for Strategic Meetings Management Technology
 
Vodafone Business Performance Measures
Vodafone Business Performance MeasuresVodafone Business Performance Measures
Vodafone Business Performance Measures
 
Healthcare Client Balanced Scorecard
Healthcare Client Balanced ScorecardHealthcare Client Balanced Scorecard
Healthcare Client Balanced Scorecard
 
Applying Marketing Operations Best Practice Framework
Applying Marketing Operations Best Practice FrameworkApplying Marketing Operations Best Practice Framework
Applying Marketing Operations Best Practice Framework
 
GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014GRC - Isaca Training 16.9.2014
GRC - Isaca Training 16.9.2014
 
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...
Agile and Cost Effective Compliance: Going Beyond Business Rules with Decisio...
 
Corporate Performance Management
Corporate Performance ManagementCorporate Performance Management
Corporate Performance Management
 
The Distinction Between Business Intelligence (BI) and Corporate Performance ...
The Distinction Between Business Intelligence (BI) and Corporate Performance ...The Distinction Between Business Intelligence (BI) and Corporate Performance ...
The Distinction Between Business Intelligence (BI) and Corporate Performance ...
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance Services
 
Kpi in telecommunication
Kpi in telecommunicationKpi in telecommunication
Kpi in telecommunication
 
Charting your path to delivering world class procurement
Charting your path to delivering world class procurementCharting your path to delivering world class procurement
Charting your path to delivering world class procurement
 
Corporate performance analysis
Corporate performance analysisCorporate performance analysis
Corporate performance analysis
 
Balanced scorecard
Balanced scorecardBalanced scorecard
Balanced scorecard
 
Enterprise Performance Management
Enterprise Performance ManagementEnterprise Performance Management
Enterprise Performance Management
 

Similar to EVERFI/SEI Webinar: Implementing a Competitive GDPR Compliance Posture

Understanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsUnderstanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsGoutama Bachtiar
 
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...DATUM LLC
 
Data Governance And Culture
Data Governance And CultureData Governance And Culture
Data Governance And Culturennorthrup
 
CPC - Process Transformation
CPC - Process TransformationCPC - Process Transformation
CPC - Process TransformationTed Haenlein
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field Resolver Inc.
 
Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Community IT Innovators
 
WorldAtWorkConfernce_USBank_OS FINAL (no notes)
WorldAtWorkConfernce_USBank_OS FINAL (no notes)WorldAtWorkConfernce_USBank_OS FINAL (no notes)
WorldAtWorkConfernce_USBank_OS FINAL (no notes)Laura Roach
 
Creating a Business Case for Big Data
Creating a Business Case for Big DataCreating a Business Case for Big Data
Creating a Business Case for Big DataPerficient, Inc.
 
B P G005 Johnson 091807
B P G005 Johnson 091807B P G005 Johnson 091807
B P G005 Johnson 091807Dreamforce07
 
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...Precisely
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-managementAmit Bhargava
 
How to Bring About Finance Transformation on Your Own Terms
How to Bring About Finance Transformation on Your Own TermsHow to Bring About Finance Transformation on Your Own Terms
How to Bring About Finance Transformation on Your Own TermsWorkday, Inc.
 
The New Reality for Business Planning and Analysis
The New Reality for Business Planning and AnalysisThe New Reality for Business Planning and Analysis
The New Reality for Business Planning and AnalysisWorkday, Inc.
 
Selling MDM to Leadership: Defining the Why
Selling MDM to Leadership: Defining the WhySelling MDM to Leadership: Defining the Why
Selling MDM to Leadership: Defining the WhyProfisee
 
Business strategy defined
Business strategy definedBusiness strategy defined
Business strategy definedAnthony Mirza
 
Building the Tax Team of the Future to Navigate the Storm of Regulatory Change
Building the Tax Team of the Future to Navigate the Storm of Regulatory Change Building the Tax Team of the Future to Navigate the Storm of Regulatory Change
Building the Tax Team of the Future to Navigate the Storm of Regulatory Change Sovos
 
Integrated Performance Management
Integrated Performance ManagementIntegrated Performance Management
Integrated Performance ManagementGlen Alleman
 
6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectiveness6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectivenessRavi Tirumalai
 

Similar to EVERFI/SEI Webinar: Implementing a Competitive GDPR Compliance Posture (20)

Understanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor RelationshipsUnderstanding IT Strategy, Sourcing and Vendor Relationships
Understanding IT Strategy, Sourcing and Vendor Relationships
 
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...
DGIQ 2018 Presentation: A Lawyer, a Salesperson and the Operations Guy Walk ...
 
Data Governance And Culture
Data Governance And CultureData Governance And Culture
Data Governance And Culture
 
CPC - Process Transformation
CPC - Process TransformationCPC - Process Transformation
CPC - Process Transformation
 
The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field The Journey to Integrated Risk Management: Lessons from the Field
The Journey to Integrated Risk Management: Lessons from the Field
 
Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?
 
Create a Winning BPI Playbook
Create a Winning BPI PlaybookCreate a Winning BPI Playbook
Create a Winning BPI Playbook
 
WorldAtWorkConfernce_USBank_OS FINAL (no notes)
WorldAtWorkConfernce_USBank_OS FINAL (no notes)WorldAtWorkConfernce_USBank_OS FINAL (no notes)
WorldAtWorkConfernce_USBank_OS FINAL (no notes)
 
Creating a Business Case for Big Data
Creating a Business Case for Big DataCreating a Business Case for Big Data
Creating a Business Case for Big Data
 
B P G005 Johnson 091807
B P G005 Johnson 091807B P G005 Johnson 091807
B P G005 Johnson 091807
 
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...
Maximize ROI of Insurance Digital Transformation Initiatives with Proven Data...
 
CQE Preparation | The Quality Management System
CQE Preparation | The Quality Management SystemCQE Preparation | The Quality Management System
CQE Preparation | The Quality Management System
 
Enterprise policy-management
Enterprise policy-managementEnterprise policy-management
Enterprise policy-management
 
How to Bring About Finance Transformation on Your Own Terms
How to Bring About Finance Transformation on Your Own TermsHow to Bring About Finance Transformation on Your Own Terms
How to Bring About Finance Transformation on Your Own Terms
 
The New Reality for Business Planning and Analysis
The New Reality for Business Planning and AnalysisThe New Reality for Business Planning and Analysis
The New Reality for Business Planning and Analysis
 
Selling MDM to Leadership: Defining the Why
Selling MDM to Leadership: Defining the WhySelling MDM to Leadership: Defining the Why
Selling MDM to Leadership: Defining the Why
 
Business strategy defined
Business strategy definedBusiness strategy defined
Business strategy defined
 
Building the Tax Team of the Future to Navigate the Storm of Regulatory Change
Building the Tax Team of the Future to Navigate the Storm of Regulatory Change Building the Tax Team of the Future to Navigate the Storm of Regulatory Change
Building the Tax Team of the Future to Navigate the Storm of Regulatory Change
 
Integrated Performance Management
Integrated Performance ManagementIntegrated Performance Management
Integrated Performance Management
 
6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectiveness6 Steps to Transition Govt ICT effectiveness
6 Steps to Transition Govt ICT effectiveness
 

More from Michele Collu

EVERFI: How To Build a Global Harassment Prevention Strategy
EVERFI: How To Build a Global Harassment Prevention StrategyEVERFI: How To Build a Global Harassment Prevention Strategy
EVERFI: How To Build a Global Harassment Prevention StrategyMichele Collu
 
EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...
EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...
EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...Michele Collu
 
Webinar: Voices of courage-- college students speak from the frontlines of se...
Webinar: Voices of courage-- college students speak from the frontlines of se...Webinar: Voices of courage-- college students speak from the frontlines of se...
Webinar: Voices of courage-- college students speak from the frontlines of se...Michele Collu
 
EVERFI/JL Webinar: New Sexual Harassment Training Mandates in New York
EVERFI/JL Webinar: New Sexual Harassment Training Mandates in New YorkEVERFI/JL Webinar: New Sexual Harassment Training Mandates in New York
EVERFI/JL Webinar: New Sexual Harassment Training Mandates in New YorkMichele Collu
 
EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...
EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...
EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...Michele Collu
 
EVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual Assault
EVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual AssaultEVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual Assault
EVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual AssaultMichele Collu
 
EVERFI: Ongoing Alcohol Prevention Education
EVERFI: Ongoing Alcohol Prevention EducationEVERFI: Ongoing Alcohol Prevention Education
EVERFI: Ongoing Alcohol Prevention EducationMichele Collu
 
EVERFI: The Future of Workplace Harassment Prevention
EVERFI: The Future of Workplace Harassment PreventionEVERFI: The Future of Workplace Harassment Prevention
EVERFI: The Future of Workplace Harassment PreventionMichele Collu
 
EVERFI: The Future of Harassment Prevention in Higher Ed
EVERFI: The Future of Harassment Prevention in Higher EdEVERFI: The Future of Harassment Prevention in Higher Ed
EVERFI: The Future of Harassment Prevention in Higher EdMichele Collu
 
EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...
EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...
EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...Michele Collu
 
EVERFI: Understanding the Impact of State Marijuana Laws on Campus Prevention
EVERFI: Understanding the Impact of State Marijuana Laws on Campus PreventionEVERFI: Understanding the Impact of State Marijuana Laws on Campus Prevention
EVERFI: Understanding the Impact of State Marijuana Laws on Campus PreventionMichele Collu
 
EVERFI: Addressing Dating & Domestic Violence in the Digital Age
EVERFI: Addressing Dating & Domestic Violence in the Digital AgeEVERFI: Addressing Dating & Domestic Violence in the Digital Age
EVERFI: Addressing Dating & Domestic Violence in the Digital AgeMichele Collu
 
EVERFI Webinar: NCAA Policy (Replay)
EVERFI Webinar: NCAA Policy (Replay)EVERFI Webinar: NCAA Policy (Replay)
EVERFI Webinar: NCAA Policy (Replay)Michele Collu
 
How to Comply with the NCAA's New Sexual Assault Training Policy
How to Comply with the NCAA's New Sexual Assault Training PolicyHow to Comply with the NCAA's New Sexual Assault Training Policy
How to Comply with the NCAA's New Sexual Assault Training PolicyMichele Collu
 
EVERFI Webinar: Adapting sexual assault prevention to reach diverse students
EVERFI Webinar: Adapting sexual assault prevention to reach diverse studentsEVERFI Webinar: Adapting sexual assault prevention to reach diverse students
EVERFI Webinar: Adapting sexual assault prevention to reach diverse studentsMichele Collu
 
EVERFI Webinar: Evidence Based Prescription Drugs Program
EVERFI Webinar: Evidence Based Prescription Drugs ProgramEVERFI Webinar: Evidence Based Prescription Drugs Program
EVERFI Webinar: Evidence Based Prescription Drugs ProgramMichele Collu
 
EVERFI Webinar: Are We in Oz?
EVERFI Webinar: Are We in Oz? EVERFI Webinar: Are We in Oz?
EVERFI Webinar: Are We in Oz? Michele Collu
 
EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...
EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...
EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...Michele Collu
 
EVERFI Webinar: From Paper to Action: Using a Code of Conduct Effectively
EVERFI Webinar: From Paper to Action: Using a Code of Conduct EffectivelyEVERFI Webinar: From Paper to Action: Using a Code of Conduct Effectively
EVERFI Webinar: From Paper to Action: Using a Code of Conduct EffectivelyMichele Collu
 
EVERFI Webinar: The Dear Colleague Letter Si Years Hence
EVERFI Webinar: The Dear Colleague Letter Si Years HenceEVERFI Webinar: The Dear Colleague Letter Si Years Hence
EVERFI Webinar: The Dear Colleague Letter Si Years HenceMichele Collu
 

More from Michele Collu (20)

EVERFI: How To Build a Global Harassment Prevention Strategy
EVERFI: How To Build a Global Harassment Prevention StrategyEVERFI: How To Build a Global Harassment Prevention Strategy
EVERFI: How To Build a Global Harassment Prevention Strategy
 
EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...
EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...
EVERFI/Jackson Lewis: How to Comply with GDPR Requirements: What every U.S. C...
 
Webinar: Voices of courage-- college students speak from the frontlines of se...
Webinar: Voices of courage-- college students speak from the frontlines of se...Webinar: Voices of courage-- college students speak from the frontlines of se...
Webinar: Voices of courage-- college students speak from the frontlines of se...
 
EVERFI/JL Webinar: New Sexual Harassment Training Mandates in New York
EVERFI/JL Webinar: New Sexual Harassment Training Mandates in New YorkEVERFI/JL Webinar: New Sexual Harassment Training Mandates in New York
EVERFI/JL Webinar: New Sexual Harassment Training Mandates in New York
 
EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...
EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...
EVERFI Webinar: Ten years of impact engaging undergraduates in sexual assaul...
 
EVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual Assault
EVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual AssaultEVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual Assault
EVERFI/Jackson Lewis: NCAA Compliance: Raising the Bar to Prevent Sexual Assault
 
EVERFI: Ongoing Alcohol Prevention Education
EVERFI: Ongoing Alcohol Prevention EducationEVERFI: Ongoing Alcohol Prevention Education
EVERFI: Ongoing Alcohol Prevention Education
 
EVERFI: The Future of Workplace Harassment Prevention
EVERFI: The Future of Workplace Harassment PreventionEVERFI: The Future of Workplace Harassment Prevention
EVERFI: The Future of Workplace Harassment Prevention
 
EVERFI: The Future of Harassment Prevention in Higher Ed
EVERFI: The Future of Harassment Prevention in Higher EdEVERFI: The Future of Harassment Prevention in Higher Ed
EVERFI: The Future of Harassment Prevention in Higher Ed
 
EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...
EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...
EVERFI: Beyond Freshman Year: Engaging Students in Ongoing Sexual Violence Pr...
 
EVERFI: Understanding the Impact of State Marijuana Laws on Campus Prevention
EVERFI: Understanding the Impact of State Marijuana Laws on Campus PreventionEVERFI: Understanding the Impact of State Marijuana Laws on Campus Prevention
EVERFI: Understanding the Impact of State Marijuana Laws on Campus Prevention
 
EVERFI: Addressing Dating & Domestic Violence in the Digital Age
EVERFI: Addressing Dating & Domestic Violence in the Digital AgeEVERFI: Addressing Dating & Domestic Violence in the Digital Age
EVERFI: Addressing Dating & Domestic Violence in the Digital Age
 
EVERFI Webinar: NCAA Policy (Replay)
EVERFI Webinar: NCAA Policy (Replay)EVERFI Webinar: NCAA Policy (Replay)
EVERFI Webinar: NCAA Policy (Replay)
 
How to Comply with the NCAA's New Sexual Assault Training Policy
How to Comply with the NCAA's New Sexual Assault Training PolicyHow to Comply with the NCAA's New Sexual Assault Training Policy
How to Comply with the NCAA's New Sexual Assault Training Policy
 
EVERFI Webinar: Adapting sexual assault prevention to reach diverse students
EVERFI Webinar: Adapting sexual assault prevention to reach diverse studentsEVERFI Webinar: Adapting sexual assault prevention to reach diverse students
EVERFI Webinar: Adapting sexual assault prevention to reach diverse students
 
EVERFI Webinar: Evidence Based Prescription Drugs Program
EVERFI Webinar: Evidence Based Prescription Drugs ProgramEVERFI Webinar: Evidence Based Prescription Drugs Program
EVERFI Webinar: Evidence Based Prescription Drugs Program
 
EVERFI Webinar: Are We in Oz?
EVERFI Webinar: Are We in Oz? EVERFI Webinar: Are We in Oz?
EVERFI Webinar: Are We in Oz?
 
EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...
EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...
EVERFI webinar: Why We Need a Paradigm Shift in the College Student Drinking ...
 
EVERFI Webinar: From Paper to Action: Using a Code of Conduct Effectively
EVERFI Webinar: From Paper to Action: Using a Code of Conduct EffectivelyEVERFI Webinar: From Paper to Action: Using a Code of Conduct Effectively
EVERFI Webinar: From Paper to Action: Using a Code of Conduct Effectively
 
EVERFI Webinar: The Dear Colleague Letter Si Years Hence
EVERFI Webinar: The Dear Colleague Letter Si Years HenceEVERFI Webinar: The Dear Colleague Letter Si Years Hence
EVERFI Webinar: The Dear Colleague Letter Si Years Hence
 

Recently uploaded

Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesCeline George
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterMateoGardella
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 

Recently uploaded (20)

Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 

EVERFI/SEI Webinar: Implementing a Competitive GDPR Compliance Posture

  • 1. Implementing a Competitive GDPR Compliance Posture July 26, 2018
  • 2. 2 Your Presenters Patricia Brady Change Management Lead SEI – Chicago Preston Clark, J.D. President, Conduct and Culture EVERFI Tom Cantwell Transformation Lead SEI – Boston Matt Conner Compliance Lead SEI – Washington, DC
  • 3. GDPR Overview1 Implementation Cycle2 3 4 5 Assess Current State and Remediate Develop the Future State Maintain Compliance Implementing a Competitive GDPR Compliance Posture 6 Change Management and Training Themes and Keys to Success 7
  • 5. GDPR Overview and Implementation Cycle
  • 6. 6 ATLANTA | BOSTON | CHICAGO | CINCINNATI | DALLAS | MIAMI | NEW YORK | PHOENIX | WASHINGTON D.C. About our partner SEI, System Evolution Inc. For over 25 years, SEI has delivered unparalleled service and proven results through our unique combination of local expertise and nationwide collaboration. We are an employee owned, business and technology management consulting firm focused on implementing tailored solutions. With more than 280 consultants in 9 offices across the country, SEI is as invested in the success of our clients as we are in the growth and development of our neighborhoods.
  • 7. A (very) Brief Review of the Law • GDPR is intended to protect all EU citizens from privacy and data breaches and includes the following key points: – Increased territorial scope – Stiff penalties including fines up to 4% of annual turnover or about $24 million, whichever is greater – Strengthened requirements for consent • GDPR data subject rights include: – Breach notification – Right to access – Right to be forgotten – Data portability – Ability to contact a company’s data protection officer 7
  • 8. Poll #1 How confident are you that your company’s data procedures are robust enough to be considered compliant? 8
  • 9. 9 Just 26% of respondents said they felt ‘very confident’ that their data governance procedures were robust enough to be classified as compliant by the looming 25 May deadline.” 61%of marketers said that they would apply for an extension on the target date if there was an option to do so, with less than one month to go until the Information Commissioners Office (ICO) starts enforcing the rules in the UK.” -Ensighten, survey of 150 UK brand and agency-side marketing decision makers 45%of UK marketers have said their business is setting money aside to cover any potential fines issued by regulators.” GDPR Readiness Statistics
  • 10. GDPR Implementation Cycle 10 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Incorporate lessons learned and audit results back into business processes, strategy, and training Update strategy, align business processes, update systems, and train employees Conduct discovery, legal review, assess findings, and remediate discrepancies
  • 11. Poll #2 What phase of GDPR implementation best describes your organization? 11
  • 12. Assess Current State and Remediate
  • 13. Assess Current State and Remediate 13 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
  • 14. Understand Where You Process Personal Information 14 IT, business divisions, and third parties are critical areas to investigate to ensure a comprehensive GDPR program IT Systems • Usually centralized • Understand how personal data flows across systems • Where are your data centers? Third Parties • Also usually centralized • Understand who you are sharing personal data with and why • Where are they located? Business Processes • Ensure organizational coverage • This is your data registry – start with the end in mind • Uncover your ”shadow IT” Business Processes Third Parties IT Systems
  • 15. Current State Assessment and Remediation 15 As with any compliance program, a risk-based iterative approach can help you achieve quick wins early Identify where personal data is processed Assess through a GDPR / data privacy lens Prioritize using risk- based criteria Remediate in an iterative approach Organizational Change
  • 16. Streamline Your Efforts 16 • Don’t rush the start of your identification process and work with the end in mind • Properly documenting your current state will help you streamline and centralize efforts across many common aspects of GDPR, saving you time and money Notice Consent Data Protection Impact Assessments (DPIA) Contracts Technical and Organizational Measures Policies and Procedures
  • 18. Develop Future State 18 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
  • 19. GDPR – Future State Getting to May 25th is only the first part of the GDPR journey. Many global firms will face follow-up work to improve on initial solutions, proactively measure current controls, and confirm the competitive position of their offerings. Continuous Improvement Privacy by Design (PbD)Competitive Strategy Enduring Processes Culture | Communications | Training • Many initial GDPR solutions are manual and labor intensive • Technology and process investments can reduce the cost of compliance, improve the customer experience, and foster confidence with trade partners • Address revenue stream impacts with privacy capabilities • Identify alternative methods to achieve meaningful digital marketing 19 • Privacy by default • Inclusion of data protection during system and process design • Data minimization • Limited access • Data profitability strategy • Aligned to strategy and driven by PbD requirements • Adaptable to continuous improvement and new legislation other than GDPR • Cost and resource effective and efficient
  • 20. Competitive Strategy Threats Opportunities Revenue Streams for Data Controllers: • Consent opt-in results will reduce opportunities to market consumer data • Data minimization requirements will reduce the scope of data collected for marketing Opportunities to Improve Customer Retention: • Invest in strong user experience and content design to build customer trust • Invest and market data privacy as a strength Marketing Challenges: • B2C companies that rely on targeted digital advertising will need alternative methods to make up gaps in digital advertising Marketing Alternatives: • Increased use of contextual advertising based on content being viewed (e.g., advertisements for tickets when viewing a sports page) • Replace data stores with real-time calls for dynamic advertising Revenue Streams Marketing GDPR introduces challenges that will force some businesses to revisit their revenue model. With careful planning, these challenges can be mitigated and potentially even be turned into advantages.
  • 21. Continuous Improvement • Introduce back-end automation to execute on consent choices • Implement advanced analytics to understand consent elasticity opportunities • Implement MDM solutions to streamline request fulfillment • Improve intake and tracking mechanisms • Implement data mapping tools to improve visibility into processing activities, and improve governance for system changes • Introduce improved controls to reduce the risk of data breach • Design and implement improvements to ensure 72 hour reporting compliance 1 Consent Management Individual Rights2 Record of Processing 3 Security4 Many firms turned to tactical methods to ensure compliance for May 25th. Opportunities remain to improve business performance through selective investment in continuous improvements. 21
  • 22. • Developing new and redesigning existing processes must be aligned to the corporate strategy, be adaptable to continuous improvement, and be rooted in the Privacy by Design requirements in GDPR • Critical to implement controls to trigger data privacy considerations prior to approval/implementation of new processing activities, projects, products, and IT systems • Build in processes and procedures to efficiently address the data privacy considerations on an enduring cost and resource effective basis • Consider IT solutions but only if it makes the process more efficient and cost effective • Educate and train employees Privacy by Design (PbD) and Developing Enduring Processes 22 In order for PbD to be effective, it must be incorporated deeply into an organization’s culture, policies, procedures, and business processes
  • 23. Acculturating Privacy - Change Management and Training
  • 24. Acculturating Privacy – Change Management and Training 24 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
  • 25. Change Management – Key Success Factors 25 Key success factors to effectively manage change programs ADOPTION Change Execution ADVOCACY Institutionalize ACCEPTANCE Change Strategy AWARENESS Change Readiness § Leadership aligned and engaged § Stakeholder impacts identified § Barriers to change identified § Drivers of change understood § Desired outcomes articulated § Change roadmap developed § Risk mitigation plan defined § Communications plan designed § Change agents prepared to champion the change § Communications disseminated § People trained on desired behaviors and ways of working § Ongoing execution of alignment activities § Governance established § Benefits measurement underway
  • 26. Change Management – Best Practices Best practices to effectively manage and drive adoption in GDPR change programs Advocacy AdoptionAwareness Acceptance § GDPR impacts a broad range of stakeholders, create segments for each stakeholder group § Engage leadership early on to ensure buy-in and facilitate decision-making § Conduct an organizational impact assessment (e.g., adding a data privacy officer (DPO), adding new responsibilities to existing roles) § Plan to ensure that privacy is both a successful cultural shift and role based change § Establish adoption criteria for what each group needs to do differently to be GDPR compliant § Create targeted messaging and engagements to guide individuals through the required change § Identify, train, and support your advocates to continuously champion data privacy § Outline and measure the activities necessary for achieving the benefits of GDPR compliance
  • 28. Maintain 28 Maintain Develop Future State Assess Current State and Remediate May 25th (or upon completion) Change Managemen t and Training
  • 29. Maintaining Compliance 29 Organizational Measures • Continuous and proactive efforts to maintain compliance will save time and money in the long run • GDPR compliance is a continuous effort and must become “business as usual” within the organization, not a one-time project • Be able to demonstrate to regulators that your GDPR compliance initiative has not gone stale – Mock Audits – Regular internal reviews – Continued reminders (training, education, communications) • Provide mechanism and resources to support grassroots privacy efforts – “Now that I have learned so much about GDPR, I realize we might be doing something incorrectly. Who do I go to?”
  • 30. Maintaining Compliance 30 Leveraging Tools and Automation *Research courtesy of NG Data
  • 31. Planning Infrastructure Example Intake Data Example: Subject Access Requests
  • 32. Poll #3 How do you feel about your company’s infrastructure for handling subject access requests (SARs) e.g., IT systems, personnel resources, processes, call centers, etc.? 32
  • 33. Themes and Key Takeaways
  • 34. GDPR Post May 25th Operational Focus Areas PRIVACY BY DESIGN DATA GOVERNANCE TRACEABILITY & ASSURANCE TECHNOLOGY Ø Privacy as a central component to new product development Ø Data profitability strategy within confines of regulatory compliance Ø Data privacy as a competitive advantage Ø Cultural shift to Privacy by Default Ø Social, Mobile, Analytics, and Cloud (SMAC) evolving privacy strategy Ø Enabling business agility through appropriate standards and resources Ø Constant systematic monitoring and reporting –compliance is only a snapshot in time Ø Crucial for right to erasure, significant area of weakness for most large organizations Ø Data Subject Access Requests (DSAR) Ø Internal/external data protection auditing as a routine business practice Ø Need for more pointed Identity and Access Management (IAM) solutions to better manage “need-to-know” Ø Automating anonymization so critical business intelligence activities are not affected Ø Flexible architecture, allowing for low cost adaptability to future regulatory demands vLeverage GDPR practices and experience to get ahead of future regulatory changes beyond the EU
  • 35. Keys to Success • Current state assessment and remediation will only get you to compliance at a point in time – establishment of enduring programs is critical • Include GDPR and data privacy into corporate strategy • Implement a comprehensive change management and ongoing training effort • Develop enduring processes rooted in Privacy by Design that are efficient, scalable, and adaptable • Maintain programs through regular internal reviews/mock audits, then incorporate lessons learned back into strategy and processes • With the global focus on data privacy and protection, it’s a matter of when, not if, new laws and regulations will impact your business – prepare now 35
  • 37. 37 Your Presenters Patricia Brady Change Management Lead SEI – Chicago Preston Clark, J.D. President, Conduct and Culture EVERFI Tom Cantwell Transformation Lead SEI – Boston Matt Conner Compliance Lead SEI – Washington, DC
  • 38. GDPR ● Course Length: 10 minutes ● Languages: 20 ● Key Topics: ○ What is GDPR ○ When and Where GDPR Applies ○ Staffing Implications ○ Reporting Requirements ○ Data Ownership
  • 39. Poll #4 How can we support you further? 39