Conducted last month and published on May 16, ISACA’s GDPR Readiness Survey provides a near-real-time look at readiness levels, top compliance barriers and expected readiness timeframes.
Not only are most unprepared for the deadline, but only around half of the companies surveyed (52 percent) expect to be compliant by end-of-year 2018, and 31 percent do not know when they will be fully compliant.
According to ISACA’s research, the top five challenges related to GDPR compliance are:
- Data discovery and mapping (59 percent)
- Prioritizing GDPR compliance among other business priorities (47 percent)
- Organizational education and change programs (45 percent)
- Ensuring cross-departmental collaboration and buy-in (42 percent)
- Preparation for data subject access or deletion requests (37 percent)
Cost was the seventh-highest concern, at 32 percent. About 27 percent say it will cost under US $1 million to become GDPR compliant, while 15 percent say it will cost $1 million or more. More than half of the business technology professionals surveyed were unsure how much their organizations would be spending.
Organizations also expect to achieve significant benefits from GDPR compliance. The top three anticipated positive outcomes are:
- Greater data security (60 percent)
- Improved business reputation (49 percent)
- Marrying data security best practices with corporate culture (43 percent)