The Role of Internal Audit in the Implementation of the GDPR
Dimitris Mouzakitis – Manager of Governance, Compliance and Risk Management
CISM, CRISC, PCI QSA, ISO 27001 Lead Auditor
May 25th, 2017
WWW.ODYSSEYCS.COM
Overview of the GDPR
• The General Data Protection Regulation (GDPR) was approved by the European Parliament in April 2016
• Will apply to all EU member states from May 25th, 2018
• Its primary purpose is to protect and provide rights to EU citizens whose data is being collected and/or processed by organizations
Overview of the GDPR - Definitions
Personal Data: Any data identifying a living person (directly or indirectly)
Applicability: Globally – as long as EU citizens’ data is collected/processed
Breach Notification: Notify the Supervisory Authority within 72 hrs of becoming aware of a breach
Opt-in Consent: Shall be clear and personal data shall only be used as agreed
Joint Liability: Data Controllers & Processors
Overview of the GDPR
Data Subjects (owners of data) may demand:
• To know how data was initially sourced
• Their data to be updated or even deleted
• Right to object to direct marketing
• Compensation for damage if data is lost
• The Regulator to investigate a concern
Overview of the GDPR
Fines for Non-Compliance
Up to €20 Million or 4% of annual global turnover (whichever is higher)
Fines are likely to be based on:
• The volume of data lost
• Policies, Procedures and technology in place to reduce risk
• Level of Employee awareness
Fines are officially published by the Regulator when imposed
The Role of Internal Audit in the Implementation of the GDPR
An effective Internal Audit function has the enterprise-wide perspective to help
organizations realize and address the needs of the Regulation.
In addition, as an independent assurance provider, IA can deliver experience, skills,
and knowledge needed to recognize the organization’s security strengths and
weaknesses and to test and improve compliance capabilities.
The Role of Internal Audit in the Implementation of the GDPR
Internal Audit is not only auditing; it performs consulting activities as well
• Could identify Risks
• Propose better ways and best practices
• Offer suggestions for improvement
• Co-operate with other Functions/Departments to find solutions
• Elevate issues to a level where they can be corrected
The Role of Internal Audit in the Implementation of the GDPR
Internal Audit can be involved in the following major tasks towards GDPR compliance:
• Work with Management to understand their objectives
• Help Management to provide a framework for making appropriate risk-mitigation decisions and building organization resilience
• Perform Gap Analysis against GDPR requirements to identify areas for improvement
• Perform full/partial compliance assessment(s) acting as the Regulator
THANK YOU
HEADQUARTERS
CYPRUS
1 Lefkos Anastasiades str.,
2012 Strovolos, Nicosia
Tel.: +357 22463600
Fax: +357 22463563
OFFICES
GREECE | SERBIA | DUBAI | USA | SOUTH AFRICA
