REGULATION READY? Auditors can help their organization navigate the European Union's General Data Protection Regulation, coming in May, says Donna Gracey, data protection officer and internal auditor for the U.K.'s Punch Taverns.

Position::Practices/Update - Brief article

How can internal audit help the organization understand the requirements of the General Data Protection Regulation (GDPR)?

The most important part auditors can play is to offer expertise, where possible. In my company, I am responsible for internal audit and data protection; therefore, it was important that I understood GDPR as much as possible and how it would affect the way we do things. I then raised awareness across the business to help each department understand what it needed to do to be fully compliant with the new regulations.

Another important part was to make people comfortable enough to share any concerns they had with existing procedures so we could correct those while working toward...

To continue reading