ISACA Ireland is delighted to be working with NICVA (Northern Ireland Council for Voluntary Action) & Give01Day to encourage our members and other GRC professionals to Give01Day of their time to help a local charity protect their information. As the umbrella body for the voluntary and community sector in Northern Ireland, NICVA will be encouraging charities to attend this event so they can discuss their challenges and hopefully be matched up with an experienced volunteer.
The Data Protection Act – What you need to Know
Shauna Dunlop - NI Group Manager, Information Commissioner’s Office
Hear from the Information Commissioner’s Office (the ICO), the independent UK Regulator for the Data Protection Act 1998 (the DPA), about what charities and organisations in the community sector need to know about the legislation. The DPA gives individuals a right to privacy and provides organisations with a set of principles for how personal data must be looked after. This session will explain what personal data is as defined within the law and outline how an organisation is expected to look after it. Failure to understand and comply with the DPA may result in enforcement action being taken by the ICO, which includes, in very serious cases, a civil monetary penalty of up to £500,000. This session will also provide an update on what is happening with Data Protection Reform and provide information on the laws relating to direct marketing, which are regulated by the ICO.
How Charities can use Volunteers to Protect Data and their Reputation
Amar Singh - Founder, GiveADay
Charities hold extensive personal and sensitive information about their clients, supporters and employees, but frequently lack the resources or expertise to adequately protect this information. In trying to maximise their support reach for front-line clients, they are vulnerable to loss of trust and reputation in cases of cyber-attacks, as well as to legal damages (in cases of privacy and data protection insufficiencies). The primary goal of this session is to start a conversation which will ultimately result in matching local charities up with local experienced professionals willing to volunteer one day of their time to help and advise them. Information Security, Cyber, Incident Response, Governance, Risk and Compliance (GRC), Assurance, Data Privacy and other professionals have the potential to make a real difference by helping charities plan for and respond to cyber threats.
Shauna Dunlop is the Group Manager (Policy and Practice) with the Information Commissioner’s Office (ICO) in Northern Ireland. The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO office in Belfast, which has a dedicated helpline, deals with enquiries and issues raised at a local level as well as advising on policy and practice matters relating to information rights within the Data Protection Act 1998 and the Freedom of Information Act 2000. Shauna, who has joined the ICO recently, has over 15 years’ senior management experience in many sectors, in both a Northern Ireland and UK-wide context, including education, transport and the community and voluntary sector, and has worked within legislative and policy environments for over a decade.
Amar Singh is an Information Security GRC Expert, founder of GiveADay and the Cyber Executive Bootcamp Series. He is Chair of ISACA's Security Advisory Group and is regularly quoted in the media. He is sought after to speak and share his insights by some of the largest and most respected organisations in the world. A business-focused, sector-independent, trusted advisor and consultant, Amar Singh has more than 16 years' experience in information & cyber security, data privacy, project delivery, policy and operations. Amar is engaged as a trusted advisor and interim C-level executive by organisations to help reduce their risk exposure, deploy post-incident remediation, build security teams, increase cyber resiliency and mature their information security and data privacy posture. Amar's client profile includes News International (now News UK), Siemens, the BBC, Reuters, BP, ATOS, Gala Coral, Cable & Wireless, SABMiller and other big names.
When & Where
ISACA Ireland provides regular seminars & workshops to support Information Security, Audit, Control, Data Privacy, Governance, Risk & Compliance (GRC) practitioners. Events are primarily organised for members along with guests, but non-members are generally welcome provided they do not engage in any overt marketing activities.
ISACA and the Local Chapter (ISACA Ireland) are vendor-neutral organisations which do not endorse specific vendors. As an independent, nonprofit, global association, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.