Jeff Sanchez, Protiviti Managing Director, Technology Consulting and Andrew Struthers-Kennedy, Protiviti Managing Director, IT Audit Global Leader
It is estimated that companies in Europe will hire 28,000 data protection officers (DPOs) to comply with the General Data Protection Regulation (GDPR); and that’s just one of the changes companies will have to make. The cost of complying is estimated at more than $1 million for 17 percent of U.S. companies.
This article focuses on GDPR’s implication for internal audit specifically. The internal audit function, by virtue of its deep departmental access, compliance and risk knowledge, and board-level credibility, can play a significant role in both preparing for the change and monitoring compliance after the law is enforced, beginning May 25, 2018.