Mini Conference 2021

Mini ISACA Ireland Virtual Conference 2021

Title - Privacy and Data – Minding it and Finding it

24th March 10am 

Welcome and Introduction - 10am 

Martin Davies - 10:15am

Jan 2019 to Present - Chief Risk Officer (PCF-14) for PGIM Private Capital (Ireland) Ltd., a Central Bank of Ireland (CBI) approved Alternative Investment Fund Manager (AIFM). CBI Designated Person (DP) with responsibility for the dual roles of Operational Risk (PCF-39) and Fund Risk (PCF-39) management. Responsibilities include Annex IV & ICAAP reporting, privacy, business continuity, third-party risk, vendor due-diligence and quarterly DP updates to the board of directors.

Topic - Privacy by Design

An introduction to privacy-by-design principals, focusing on practical steps or advice on how to apply these principals to the real-world of today’s privacy regulated environment.

Herman Errico - 10:45am

Herman is a dynamic Practice Manager with a multidisciplinary background in Engineering, Law and Business, working in the field of cybersecurity consultancy. Strategy, automation, and service line development are my main interests, together with a strong passion for business improvement. Herman is currently working as practice manager for EMEA at BSI consulting services in the Cyber, Risk and Advisory team and sitting on the ISACA Ireland Chapter Board as a member.

Topic - Data Protection and “appropriate” information security
The complexity of the current cyber threat landscape is requiring additional focus from organizations to ensure that their cyber security posture has the right maturity to manage cyber risk. In this context it is most relevant to understand what good practice may be used to increase maturity and dynamically manage risk. This presentation aims at covering the current practices in the information security, cybersecurity and data protection space.

Lorna Madden - 11:15am 

Lorna Madden is a barrister practicing in Cork and specialises in employment law and data protection law. She has published articles concerning data protection law and has given several talks on the topic.

Topic - eDiscovery… are you litigation ready 

My talk will address Data Subject Access Requests. In particular I will address the legal obligations when complying with a DSAR, the information involved, the extent of the obligation on the data holder, and exceptions

Daniele Gianni - 11:45am

Daniele Gianni is a business educated versatile computer engineer who works at the intersection of IT and management, introducing novel IT tools and model-based design methods to solve new problems in various domains, such as space, banking, biomedical engineering. Gianni has worked for prestigious institutions in Europe and US, initially in research and more recently in IT management roles. Gianni holds a MS and PhD in Computer Engineering from the University of Rome TorVergata (Italy) and a MBA from Frankfurt School of Finance and Management (Germany). Currently, he is business systems analyst for an EU authority. 

https://www.linkedin.com/in/danielegianni/

Topic -Data Management 
External stakeholders may not only constrain the use of their data to our enterprise, but they also may require essential pre-conditions to be fulfilled for sharing their own data in the first place. For information-intensive enterprises, which heavily depend on other’s data, fulfilling this trust need is a matter of survival for the enterprise itself. Consequently, this need has a crucial and broad impact on all the enterprise governance goals. This scenario is typical of highly integrated supply chains or of supranational (e.g. European or international) federations of national assets sharing sensitive data to implement new capabilities.

In this talk, we will present a model-based methodology that can be used to (i) unambiguously capture data policy requirements from external stakeholders, to (ii) ensure the compliance of the enterprise architecture with the data policy(ies); and consequently to (iii) guide the enterprise governance basing on the information needs. The methodology (already been included in the MITRE’s Enterprise Architecture Book of Knowledge) supports the fulfilment of the COBIT 2019 governance objectives by providing guidance and reference in the implementation of several management objectives. We will briefly discuss how the methodology aligns with and spans multiple COBIT 2019 governance components, and we will specifically focus on how the methodology can contribute to increase the capability level of the processes under the APO 14 management objective.

Garrett Keogh - 12:15pm 

Glen Dimplex  Group Data Protection Lead

A pragmatic data protection and privacy professional. Currently managing Glen Dimplex’s data protection programmes in The EU , UK , North America and Australia.

Topic - Brexit – what now for the Data Dialogue  

This presentation will look at the post Brexit implications on data protection . It will outline the obligations of UK and EU data controllers as well as the future options for a UK/EU data protection relationship .