The (ISC)² EMEA Advisory Council GDPR Task Force has published an overview of the basics that can be used as a tool to help everyone understand and communicate the scope of what is required.
This document was prepared by members of the (ISC)2 EMEA Advisory Council GDPR Task Force. Lead Contributors: Yves Le Roux, CISSP, CISM; Paul Lanois, CCSK, CIPM, CIPT, CIPP (A, E, US and C), FIP, CISMP and LLM.
Reviewed by Dr. Adrian Davis, MBA, FBCS CITP, CISSP; Sam Berger, CISSP; Michael Christensen, CISSP, CSSLP, CISM, CRISC, CIS LI, EU-GDPR-P; CCM, CCSK, CPSA, ISTQB, PRINCE2, ITIL, COBIT5; Ramon Codina, CISSP; Santosh Krishna Putchala, CISSP
This is great.
May I ask if you know how I could get involved and be on the, "(ISC)2 EMEA Advisory Council GDPR Task Force"?
I am based in Hong Kong and GDPR is one of the key focus areas of my current work (as well as China Cyber Security Law) and it is impacting many international organizations around the world. I have also presented this topic and cyber security at ISACA's Chapter, and hosted several GDPR events with the company I work for.
Would love to hear from you, to see how I could contribute / assist from an "Asia Pacific" perspective.
CISSP, CGEIT, CRISC, CISM, CISA, CEH, CNDA, CSM, ITIL
This is a really good, punchy paper that lays out the implications of the GDPR very nicely. It's also helpful that it comes with the (ISC)2 imprimatur rather than that of an organisation that has a related product or service to sell. Thank you - I shall be putting it to use.
Consent is required for the likes of Google Analytics but this is under the e-Privacy directive. With cookies I think this directive takes precedence over the Electronic Communications Directive. The e-Privacy directive will be a regulation roughly at the same time as the GDPR if the EU has its way...
I also echo jasonlau88's request to see if I could be added to the "(ISC)2 EMEA Advisory Council GDPR Task Force" or participate in discussions. I work for a global cloud-based company that is working to comply with the GDPR as well and would love to work with the group to determine how to approach this regulation.
As a service to the Dutch and Flemish communities I prepared a Dutch translation, which I gladly will post wherever the authors feel it is appropriate. Authors, please contact me for further details so we can make arrangements.
If you quoted the origin, the GDPR Task Force has decided to authorize any use of this paper for (ISC)² chapters. Consequently, any translation will be apprciated...
It may be interesting to have an open discussion upon GDPR Implementations in this community....