Privacy Compliance structures

The purpose of this survey is to gain an understanding of how organisations are looking after their privacy compliance and privacy risks, in terms of the structure of teams and relationships.

As this initial survey is a bit of a fact finding mission to understand what multiple choice options we can explore, we are asking initially for written feedback.

In this question we are after a bit of a description for things like the following:
Who does the core of the privacy compliance management work (line 2) - the support, monitoring, education etc?

Who has accountability for privacy compliance in the business and who do they think they liaise with?

Is there someone different looking after data in the organisation (are they a line two function as well?) and do they liaise with the privacy compliance line two staff?

Is privacy a specialised team or is it part of core compliance and where and how does it work with risk managment in line two?

Does the team/person/s responsible for privacy compliance and/or data privacy report or work closely with any other areas of the business and are they considered line two or one?

All of this feedback will be incorporated into a wider survey to gather some intel about how organisations are looking after 'privacy' (as a very broad heading) and where the risks remain, with hopefully some valuable insights we can all benefit from!

Question Title

* 1. What are the checks and balances for your privacy compliance?

For example: Is the framework audited or reviewed periodically? Are the controls tested? What kind of attestations are you using? Is there any reporting or monitoring?

Question Title

* 2. Can you broadly describe what is in your privacy compliance framework?

Question Title

* 3. Do you have an underlying risk assessment (or more than one)?

Question Title

* 4. Do you have policies?

The following questions will help us get a feel for how privacy compliance works in your organisation:

Question Title

* 5. Who looks after your privacy compliance?

We're looking for things like - do you have a 'special' team? Is it part of the whole compliance line two responsibilities? Does the marketing team think they do it? Do the business units think they do it? Who actually looks after the obligations?

Question Title

* 6. Do you have KPI’s for in particular management around privacy compliance?

Question Title

* 7. What is your sector?

Question Title

* 8. Does your organisation make a distinction between privacy compliance with personal information and data privacy?

Question Title

* 9. Do you have training?

Question Title

* 10. What is the size and nature of the organisation?

Question Title

* 11. What do you want to know more about in regard to privacy, what are your concerns about?

Question Title

* 12. Any other comments you wanted to add?

Question Title

* 13. What is the reporting line for the privacy compliance?

Privacy Compliance structures

Question Title

* 1. What are the checks and balances for your privacy compliance?For example: Is the framework audited or reviewed periodically? Are the controls tested? What kind of attestations are you using? Is there any reporting or monitoring?

Question Title

* 2. Can you broadly describe what is in your privacy compliance framework?

Question Title

* 3. Do you have an underlying risk assessment (or more than one)?

Question Title

* 4. Do you have policies?

Question Title

* 5. Who looks after your privacy compliance?We're looking for things like - do you have a 'special' team? Is it part of the whole compliance line two responsibilities? Does the marketing team think they do it? Do the business units think they do it? Who actually looks after the obligations?

Question Title

* 6. Do you have KPI’s for in particular management around privacy compliance?

Question Title

* 7. What is your sector?

Question Title

* 8. Does your organisation make a distinction between privacy compliance with personal information and data privacy?

Question Title

* 9. Do you have training?

Question Title

* 10. What is the size and nature of the organisation?

Question Title

* 11. What do you want to know more about in regard to privacy, what are your concerns about?

Question Title

* 12. Any other comments you wanted to add?

Question Title

* 13. What is the reporting line for the privacy compliance?

* 1. What are the checks and balances for your privacy compliance?

For example: Is the framework audited or reviewed periodically? Are the controls tested? What kind of attestations are you using? Is there any reporting or monitoring?

* 5. Who looks after your privacy compliance?

We're looking for things like - do you have a 'special' team? Is it part of the whole compliance line two responsibilities? Does the marketing team think they do it? Do the business units think they do it? Who actually looks after the obligations?