On demand webinars

Boost Operational Efficiency via a Privacy Risk Management Framework

Description

Establishing a privacy risk management framework will enable you to accurately report on the state of your privacy program, pinpoint needed program enhancements or instances of noncompliance, and manage your internal governance in a structured and operationally efficient way. The structure needed within the framework includes aligning 1) the risks your company faces, 2) the controls that mitigate those risks, 3) the laws you are required to comply with, and 4) your own internal policies. This session will provide an orientation to privacy risk management framework use cases and share some considerations for establishing one within your GRC tool.

About the speakers

Michael Lucas is a principal leading Crowe's privacy practice within the Consulting group, with over 17 years of experience serving global clients. Michael has spent his career solving cybersecurity, privacy, and data protection challenges for clients in regulated industries. Michael specifically focuses on the “second line of defense” within organizations — notably CISOs and risk management teams. He has led numerous projects helping clients assess, design, and optimize components of their organization’s cybersecurity, privacy, and data protection programs. Michael's efforts have helped his clients reduce their overall technology risks and better meet their regulatory compliance obligations.

Kristen Rohrer is an experienced manager in Crowe’s Consulting group, specializing in privacy, data protection, and operational process improvement for global clients in regulated industries, particularly the life sciences sector. With over seven years of experience, she adeptly oversees the execution of diverse privacy projects for a range of clients from private companies to large, multinational corporations. Holding certifications as a Certified Internal Auditor (CIA) and a Certified Information Privacy Manager (CIPM), Kristen has found a specialty of assessing companies' compliance with privacy regulations using a comprehensive privacy framework. From these assessments, she assists companies in identifying gaps and crafts strategic next steps to enhance the maturity of their privacy programs. Her proactive approach helps clients not only meet regulatory requirements but also advance their data protection practices. At Crowe, Kristen has played a pivotal role in developing and enhancing privacy control frameworks to ensure compliance with stringent regulations such as GDPR, CPRA, PIPL, and LGPD. Her leadership was influential in mapping global privacy regulations to develop an inventory of Crowe privacy controls, enabling their concise and effective application. A strategic thinker and trusted advisor, Kristen continues to drive value for her clients by seamlessly integrating privacy and data protection principles into their operational frameworks, ensuring both regulatory compliance and operational excellence.

Loading form...