Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.
  • 6 February 2018 10:32

ISACA Releases Guide to GDPR Implementation as May Deadline Approaches

Publication provides practical advice on adopting and managing GDPR

Sydney, Australia (6 February 2018) — The clock is ticking for organisations all over the globe dealing with European personal data, to begin adopting the General Data Protection Regulation (GDPR), which requires implementation by 25 May 2018. GDPR firmly establishes privacy as a fundamental right. Enterprises face several practical challenges in implementing GDPR within a short timeframe given the wide scope of the new Regulation. To the rescue with practical guidance is the latest publication from ISACA, Implementing the General Data Protection Regulation.

The publication provides a hands-on view of how organisations should approach the challenge of reaching GDPR compliance by the May deadline. The guidance defines what goes into a GDPR program – including identifying and classifying personal data, risk management, governance, internal controls and assurance, security and managing data breaches. Furthermore, the guide provides insights on how to transition an organisation’s initial GDPR program to a full data protection management system (DPMS).

“GDPR not only affects European organisations, but all organisations that deal with any European data,” said Matt Loeb, CEO of ISACA. “Enterprises with a solid governance structure will have an advantage in implementing the regulation, while others might find achieving compliance to be more difficult. No matter where your organisation stands in the process, ISACA offers numerous resources to guide organisations as they adjust to this high-impact regulation.”

ISACA recommends the COBIT® 5 framework to maximise effectiveness and efficiency while implementing GDPR. This framework is a proven foundation for GDPR projects in commercial and not-for-profit enterprises alike.

In the following months, ISACA will provide additional resources to help its global professional community prepare for GDPR, including a series of free GDPR-focused webinars:

• 20 February 2018 – Where Do Cyber-Risks and GDPR Compliance Meet? • 21 February 2018 – Implementing GDPR • 27 February 2018 – GDPR – What You Don’t Know Can Hurt You

Members can earn one CPE by attending each webinar. More information and full webinar listings can be found at

The latest book is available for members at US$25/$50 for non-members and can be purchased at

For additional guidance on privacy and GDPR, ISACA recommends:

• GDPR Data Protection Impact Assessments • Adopting GDPR Using COBIT 5 • Implementing a Privacy Protection Program: Using COBIT 5 Enablers With the ISACA Privacy Principles : • ISACA Privacy Principles and Program Management Guide

### About ISACA Nearing its 50th year, ISACA® ( is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organisations. ISACA leverages the expertise of its 450,000 engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 215 chapters worldwide and offices in both the United States and China.

Twitter: LinkedIn: Facebook: Instagram:

Contact: Julie Fenwick, 0468 901 655, Harriet Hall, 0401 068 041,

Submit a media release