Business Assurance - Viewpoint

Privacy & Information Security

Business enabler or innovation barrier?

Leaders' features

Privacy management as part of business strategy

Personal data protection is strategic for leaders and not merely a matter of compliance.  They may also be motivated by market drivers: 70% for issues of brand protection, 73.3% in response to customer pressure.  They have a far greater perception of the potential benefits and indeed 45% view it as a business enabler. 

Good risk management skills

Leaders know how to manage risks better than other companies, not least those risks which involve “human factors”.  Management and employees alike reveal higher awareness and can draw on appropriate legal and technical competence.

Higher investments

Leaders invest more than others, especially in staff training (50%), risk assessment (46.7%) and data mapping (30%).  It is noteworthy that IT security enhancement , staff training  and risk assessment  are similarly prioritized.

Clear objectives and mastering of regulations

Leaders are twice as confident in defining where to focus their attention on data protection.  They also register significantly below average rates for perceiving a lack of support and guidance from authorities (23.4%) and for concerns in interpreting the rules on personal data protection (14.9%).

Competence and competitive advantage

Leaders know how to deal with data protection and value the competitive advantage that comes from correct and effective management of personal data (60.3%).

Defined roles and responsibilities

Leaders define roles and responsibilities for privacy management in their organizations.  Three out of four have formally appointed a Data Protection or Privacy Officer. 

Benefits from new digital technologies

Leaders acknowledge that new digital technologies such as big data analytics, IOT (Internet of Things), sensors, blockchain and smart tags might pose certain risks; however the associated benefits are recognized to a larger degree (30% which increases to 35% when viewed over a two-year timescale).

Privacy regulation - not a limit

Leaders master regulation and see it less as a curb on innovative projects than the sample average. For 30% it represents no limit at all.

Finding valid support in certification

More than 75% of leaders acknowledge the value of certification for addressing the different issues related to privacy management.

Further investments in the near future

More than nine leaders out of ten plans to maintain or increase investments in data protection in the next 12 months.