Home > News and Advocacy > Our Presence > Past Events > Year 2018 Events > Learn At Lunch: General Data Protection Regulation for the Internal Auditor

Learn At Lunch: General Data Protection Regulation for the Internal Auditor

In the current business environment where more organisations operate across geographic boundaries, it is inevitable that the enactment of new laws and regulations would impact on them. Therefore, it is important that organisations give due consideration to what these would mean to them. Increasingly, transactions are occurring online and the volume of data flow and its collection are growing at an exponential rate that have given rise to heightened concerns and scrutiny over its management and protection.

About 40 Internal Audit professionals attended a Learn At Lunch talk to understand more about the European Union General Data Protection Regulation (GDPR) conducted by Mr Daryl Pereira, Head of Information Protection and Business Resilience and Head of Cybersecurity Practice Partner at KPMG in Singapore on 12 April 2018. Taking effect in May 2018, the GDPR is designed to harmonise data privacy laws across Europe and protect and empower European Union citizens’ data privacy.

Mr Pereira outlined the wide-reaching remit of the GDPR by giving an overview of what it means for companies in Singapore including the consequences of non-compliance. Singapore’s Personal Data Protection Act, first established in 2012 and currently undergoing review, was also put side-by-side with GDPR to highlight the differences and what organisations would need to consider and implement subsequently.

Ms Emma Haenebalcke from KPMG Singapore with extensive consulting experience in the areas of European GDPR and Singapore PDPA, delved deeper into the principles of GDPR. She offered practical guidance on how Internal Audit can play a key role by building an alliance with the Data Protection Officer and being the organisation’s enabler in GDPR compliance.

It was evident from the numerous questions fielded by participants that more knowledge and clarity on GDPR and its implications was desired, which almost guarantees a high degree of complexity in complying with the 99 obligations when GDPR officially kicks in.

View here for more photos.