Organizations often struggle to manage the data collected and processed by them; and thereby fail short of setting-up a repeatable data retention and destruction hygiene.
Data is doubling in size every two years and the digital universe is getting bigger like never before. On one end of the spectrum, the fading organizational boundaries, persistent online lifestyle, and comingling of social and business data, are shaping the new norm of life, by which, organizations are transformed into refineries of data; whereas on the other end, there are data retention and disposition obligations across jurisdictions which organizations need to comply to. Organizations often struggle to better govern and manage the structured and unstructured data stored and processed by their operations; and thereby fail short of setting-up a data retention and destruction hygiene.
Lack of defensible data destruction or excessively long retention of records is in conflict with the information governance practices and risks the organizations’ ability to fulfill legal, regulatory or business obligations. A defensible data retention and destruction capability is key to demonstrate compliance with regulations such as General Data Protection Regulation (GDPR) and the California Consumer Privacy Act. Additionally, from a risk perspective, the data processed on defenseless information systems are data waiting to be stolen by an emerging class of crime groups. The session provides practical approach for modelling and implementing a defensible data destruction strategy for structured and unstructured data.
- Interpret the key building blocks of defensible data minimization program and the art of possibilities in modelling a data retention and deletion strategy
- Describe the data retention and deletion workflow from a governance, process and technology standpoint and associated operating model for sustaining data minimization strategy
- Demonstrate compliance with legal, regulatory obligations such as General Data Protection Regulation (GDPR) and the California Consumer Privacy Act of 2018
- Review real life scenarios on executing data retention and destruction, including common pitfalls and the learning from trenches
Principal, Cyber Risk
Grant Thornton LLP
Sudhakar Sathiyamurthy, CISA, CGEIT, CRISC
Senior Manager, Cyber Risk
Grant Thornton LLP
Recommended Field of Study: Business Management and Organization
Program Level: Overview
Delivery Method: Group - Internet
If you have any questions or encounter any difficulties while enrolling, please contact technical support via phone at +1 877 398 9939, via email at GTWebcast@centurylink.com
, or visit our webcasting frequently asked questions page
If you have any questions regarding CPE credit, please contact CPE support via phone at +1 630 396 5831, via email at CPEEvents@us.gt.com
, or visit our webcast CPE information page