
White Label

Our Blog

Puzzle
DPAs

Tips for negotiating Data Processing Agreements

As a data protection professional, you will often find yourself being part of large contractual negotiations, where you will be responsible for the data processing agreement. Therefore, please find below a few tips on how to prepare for a (re-)negotiation of data processing agreements to achieve the best possible outcome of these. First of all, know the party on the

Risk

Managing Security and Privacy Risks

As cyber security risks increase and new data protection requirements surface, navigating the privacy and security landscape has become ever more onerous and demanding. Even in organisations with well-established and mature enterprise risk management programs, keeping your risk picture updated and actually having your identified risks under control have become an arms race. Below, I will share a few risk-reducing steps that

Governance Program
Governance

5 tips for an effective Privacy and Security Program

Bringing your privacy and security program to life involves turning the principles and activities outlined in the framework into concrete actions and processes that can be implemented in practice within your organisation. This typically involves defining clear roles and responsibilities, establishing clear lines of communication and decision-making, and setting up systems and processes for monitoring and ultimately enforcing compliance with

Global
digitalrisk

The Conundrum of Handling the Challenge of Third-Party Digital Risk Management (Part 3)

SECURING THE RIGHT VENDORS IN THE CYBER SECURITY AND DATA PRIVACY DOMAINS Digitalization forcefully accelerates the adoption of platforms and devices that allow sensitive data to be shared with third parties, such as cloud service providers, data aggregators, application programming interfaces (APIs), and other technology-related intermediaries. In essence, this propagates the need to know and track vendors much more diligently,

Governance Program
ciso

ISO/IEC 27001:2022 Updates

ISO/IEC 27001 is widely known as the de facto information security standard that specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system. The first version of ISO/IEC 27001 was published in 2005, which evolved from the BS 7799 standard. In the final months of the second iteration published in 2013, the updated version was

Data Transfers
digitalrisk

The Conundrum of Handling the Challenge of Third-Party Digital Risk Management (Part 2)

ADDRESSING THE CHALLENGE OF CONTINUALLY MITIGATING DIGITAL RISK Within the blog post series, “The Conundrum of Handling the Challenge of Third-Party Digital Risk Management”, this week we will visit the matter, “Addressing the Challenge of Continually Mitigating Digital Risk”, after addressing the different angles of the “Problem Statement” in the previous blog post within this series. Largely, we will address the

cyberresilience

The Conundrum of Handling the Challenge of Third-Party Digital Risk Management (Part 1)

INTRODUCTION Over the coming three weeks, White Label Consultancy will publish three blog posts on the topic of third-party digital risk management, taking the customer and organization perspectives, which will emanate in a white paper that will be shared in three weeks. This week’s blog post will be about the “Problem Statement” of digital risk management, highlighting starting points and

Global
Privacy

Saudi Arabia Data Protection Law

Introduction The Kingdom of Saudi Arabia has adopted a new Personal Data Protection Law (PDPL) to regulate personal data processing and prevent personal data abuse in line with the goals of the Kingdom’s Vision 2030 to develop a digital infrastructure and support innovation to grow a digital economy. PDPL has many similarities with various national and international data protection regulatory

GDPR

Privacy Policy – why does it matter?

Nowadays there is often a lack of understanding of why and how a privacy policy is important for any organization that processes personal data. This blog post sheds light on the notion of the privacy policy, its importance, structure, and enforcement. Hopefully, after reading this blog you will be able to understand the reasons why privacy policy should be considered as

Governance
DPO

Data Protection Officer or Chief Privacy Officer?

The rise of the Data Protection Officer In the final months of preparation for GDPR, Europe witnessed the proliferation of a new work function. All over Europe organisations were appointing data protection officers to ostensibly achieve compliance with the new regulation. A lot of water has passed under the bridge since then. Organisations have now had the opportunity to work
