GDPR, CCPA and the Impact of Evolving Global Data Privacy Regulations on Internal Audit
August 20, 2019
1:00–2:00 p.m. ET
Emerging global data privacy regulations such as the GDPR, CCPA, and LGPD constitute a “third wave” of corporate security and privacy risk that most companies don’t fully appreciate yet. With penalties potentially ranging into the billions of dollars for non-compliance with privacy regulations, even when no data breach is involved, privacy is rapidly becoming a Board-level issue that Internal Audit must assess. In this session, we will cover the latest updates and emerging trends in this emerging regulatory landscape, and present practical approaches for Internal Audit to consider.
This webcast will enable participants to:
- Explain the risk posed by these new privacy regulations
- Effectively audit compliance and assess risk
- Navigate available resources to stay up to date in this evolving field.
Topics/Key Words will include:
Course Duration: 1 hour
CPEs Available: 1
Knowledge Level: Basic
Field of Study: Specialized Knowledge
Advance Preparation: None
Delivery Method: Group Internet Based
Charles Barley, Jr.
Principal, Risk Consulting, RSM
Charles is responsible for the delivery of governance, risk and compliance (GRC) services. He has over 16 years of consulting experience and has served several multinational financial services and public sector organizations. Charles also focuses on leading practices as they relate to information technology- (IT-) enabled internal audit services, enterprise risk management, internal controls design, information security governance, enterprise architecture, application controls reviews, business intelligence and GRC solution implementations. Charles has led a number of data protection assessments and policy development engagements, which focused on security governance, data privacy, information classification and handling and overall data protection processes. He also serves as the Mid-Atlantic IT risk leader, where he facilitates clients’ development and implementation of effective enterprise IT risk management practices across the greater Washington market.
Prior to RSM, Charles served as the global director of IT audit with a major hotel franchise, where he was responsible for establishing and leading the global IT risk and audit function for the organization and supporting the initial public offering (IPO) and Sarbanes-Oxley (SOX) readiness activities. Prior to that, Charles was with a Big Four, where he served as the east central IT audit solution leader and the data privacy champion. He was responsible for developing an integrated go-to-market strategy for both service lines across global organizations.
Director, Risk Consulting, RSM
Alain provides security and privacy consulting to clients in a broad spectrum of domains, including privacy governance, security assessments, risk management, penetration testing, compliance frameworks and strategic advisory services. He serves as national lead for data privacy consulting services, supporting client teams with a wide range of compliance program matters for GDPR, CCPA, and other privacy regulations. He has also led large-scale engagements to design and develop the security programs for some of the country’s largest corporations, developing cost-effective security program road maps that demonstrably improve the organization’s maturity. He has also led major litigation support security engagements following some of the most visible data security breaches, supporting legal counsel with comprehensive assessments leading to dismissal of class and regulatory actions. He focuses primarily on retail, health care and financial organizations. Alain has 30 years of experience in a wide array of information systems, information security, and data privacy disciplines.
Alain leads RSM’s security and privacy risk consulting practice in New England and RSM US’s data privacy service offerings nationally. He is a frequent presenter at a variety of industry organizations, panels and webcasts, as well as a frequent contributor to various publications.