Practical Steps to Conducting an ISO 27701 Gap Analysis

Why Should You Attend:

Data breaches have been skyrocketing and concurrently diminishing privacy trust. Personal identity information is among the most valuable intangible assets individuals ever own. Yet, technological manipulation constantly enables privacy invasions. While some privacy invasions are unintentional, and others are intentional but well-meaning, they diminish individuality and threaten inalienable rights established in most democratic governments. Entities utilize gap analysis to achieve specific objectives; while inscribing best-practice solutions to reduce the risk of inappropriate responses to environmental conditions.

Under current business environment conditions, an imperative is to achieve internal and external process integration alignment with appropriate information security controls. Legally, within an entity’s information security control system, explicitly or implicitly, management as a fiduciary agent is responsible and accountable for deploying controls that prevent, deter, detect, and correct privacy breaches as mandated by laws and regulations. Practical privacy protection gap analyzes can illuminate necessary controls and potential government sanctioning as well as deployment weaknesses.

Creating value from intellectual and knowledge-based assets frequently encompasses systematizing what employees, partners, and customers know, then sharing the resulting information to devise or engage best privacy protection practices. In planning best practices, a gap analysis should be a core privacy protection component. An IT privacy protection gap analysis is a method of assessing the differences in performance between an organization’s information systems or software applications to determine whether they meet business environment requirements. If the IT privacy protection does not meet expectations, management must decide what steps are necessary to ensure successful deployments.

Join us as Dr. Davis covers what privacy gap analysis is, whom it affects, and what fundamental obligations it places on enterprises. Additionally, Dr. Davis will help you assess your organization’s privacy protection readiness under the ISO/IEC 27701:2019 and determine the most suitable strategies to minimize risk exposure.

Areas Covered in the Webinar:

• An overview of personally identifiable information
• How an ISO/IEC 27701:2019-aligned ISMS can support privacy protection
• The primary risks associated with privacy data breaches
• Critical actions in the event of a privacy data breach
• The technical requirements to achieve ISO/IEC 27701:2019 integration
• The organizational necessities to achieve ISO/IEC 27701:2019 integration
• The benefits of implementing an ISMS
• Practical advice on how to improve your ISMS deployment congruent with the ISO/IEC 27701:2019 standards

Who Will Benefit:

• Chief information security officers
• Information security directors
• Data governance and management professionals
• Staff attorneys
• Privacy and compliance professionals
• Human resources professionals
• Risk management professionals and auditors tasked with compliance and risk transfer
• Data protection officers
• Chief information officers
• Chief technology officers
• Internal audit managers and staff
• IT security officers
• IT personnel, data consultants, and project managers involved in data protection, information security, or cybersecurity issues

Robert E. Davis
Professor, Temple and West Chester University

Dr. Robert E. Davis obtained a Bachelor of Business Administration in Accounting and Business Law, a Master of Business Administration in Management Information Systems, and a Doctor of Business Administration in Information Systems Management from Temple, West Chester, and Walden University; respectively. Moreover, during his twenty years of involvement in education, Dr. Davis acquired Postgraduate and Professional Technical licenses in Computer Science and Computer Systems Technology.

Dr. Davis also obtained the Certified Information Systems Auditor (CISA) certificate — after passing the 1988 Information Systems Audit and Control Association’s rigorous three hundred and fifty multiple-choice questions examination; and was conferred the Certified Internal Controls Auditor (CICA) certificate by the Institute for Internal Controls.

Since starting his career as an information system auditor, Robert has provided data security consulting and IS auditing services to corporations as well as other organizations; in staff through management positions. Before engaging in the practice of IS auditing and information security consulting; Robert (as a corporate employee) provided inventory as well as general accounting services to Philip Morris, USA, and general accounting services to Philadelphia National Bank (Wells Fargo). Furthermore, he has prior experience as a freelance writer of IT audit and information security training material.

Dr. Davis received recognition as an accomplished, energetic auditor, author, and speaker with a sound mix of experience and skills in monitoring and evaluating controls. Based on his accomplishments, Temple University's Fox School of Business and Management Alumni Newsletter, as well as The Institute for Internal Controls e-newsletter featured Dr. Davis. Furthermore, he is an Advisory Board Member of The Institute for Internal Controls, the first and inaugural Temple University CISA in Residence and a founding Temple University Master of Science in IT Auditing and Cyber-Security Advisory Councilmen. Last, he accepted invitations to join Delta Mu Delta International Honor Society, the Golden Key International Honour Society, the Thomson Reuters' Expert Witness List, the IT Governance LTD expert panel, as well as the International Association of IT Governance Standards honorary membership group.

Follow us :