Whole Day Online Conference On Topical And Timely

Global Whistleblower Issues 2023

10:00 AM to 3:30 PM CEST



09:30-09:45 Introduction To The Online Conference And The Topics And Speakers
Kersi F. Porbunderwalla, President and CEO, The EUGDPR Institute
Documenting GRC/GDPR  Compliance.
  • How to develop a practical approach to writing policies and procedures?
  • How to embed smart controls and roles in policies and procedures: – get tips and a tool to facilitate the operation and formalisation of tasks and controls –
  • Develop a template for a policy and waiver management policy
Kersi Porbunderwalla. President and CEO. The EUGDPR Institute
GDPR, Data Privacy and Protection: from  a Data Subject and Consumer perspective
  • Focus on reputation and damages
  • Update on European class-action suits
Lorenza Villa, Lawyer – GDPR Consultant & Data Protection Officer

DSARS: Utilising Privacy Automation to Build a Measurable ROI Program

  • How to discover, classify and automate your data processes to streamline records of processing activities​
  • How to deal with DSARs and automate the process to reduce manual labour, time tis is taken and employee frustration ​
  • How to adapt consumer rights processes to employees
The new directives from the EU.
  • E-Privacy Directive (cookie directive). Cookie and ePrivacy:
  • NIS Directive; cybersecurity, network security
  • The Digital Services Act (DSA)/
  • Digital Markets Act (DMA):
  • Safe digital space to protect the fundamental rights of all users of digital services


Prof. Hernan Huwyler, Global Risk Officer, Milestones group
12:10-12:55 Data Transfer Risks, Gaps and the Impact of IT Digitalization and Future markets

  • Data Transfers Globally to the US and the EU
  • Impact and risk assessments and GDPR processes to normalise business operations

Darine Fayed, DPO, Mailjet by Sinch

12::55-13:15 Break


What are the Fundamental GRC and IT problems in diverse organisations
  • What is IT risk management in critical IT Infrastructure?
Michał Jezierski, Chief Compliance Officer @ Grupa Kęty S.A.
13:50-14:30 Using Execution and Effectuation to Inspire Governance, Risk Management and Compliance Transformation

  • What is effectuation, and how can you use it at the board and management level to implement change?
Prof. Emmanuel Fragnière, Director of the CAS HES-SO in Treasury Management at the University of Applied Sciences and Arts Western Switzerland Valais (HES-SO Valais-Wallis)
14:30-15:30 GDPR’s global extraterritorial scope and Update on the Global GDPR Mandates
Edward King Onyenweaku of The GXTI, Lagos, on the African Privacy Mandates
Amit Kharkhanis, Partner. Update on the Indian Personal Data Protection Bill
Final Questions From The Audience and Participants, Answered By The Panel Of All Speakers.
Enhancing and Structuring  The GDPR Journey
  • Move the project to a permanent function
  • Build a data privacy culture and active awareness
  • What does it take to succeed in the implementation/Execution and monitoring hase?

All Speakers


The annual Nordic GRC and IT Security online conference will bring together compliance, risk, and audit executives from corporations from the Nordics and around the EU. The online conference agenda will feature keynote panels, presentations, and breakout sessions, including multiple Q&A opportunities.

This is an overall general preview of the 2021 GDPR, GRC and IT Security online conference schedule, curriculum and program, with inspiring Governance, Risk Management, Compliance and IT-Security (GRC) topics and issues during the plenum, parallel workshops and breakout -sessions at the online Annual  GRC summit.

The 14th Annual GDPR/GRC online summit is known for abundant expert speakers, attendee dialogue and participation, productive debate and knowledge sharing. We will conduct a series of surveys with interactive voting on some GRC/GDPR and IT security issues for table discussions on the spontaneous results during the sessions.

The conference attracts governance, compliance, risk, audit, IT and legal executives from worldwide corporations. Besides plenum and keynote speakers, we have concurrent panel discussions, workshops, parallel sessions and presentations that deliver high-quality GRC content to suit all trades.

At the conference, 15+ speakers and panellists will display their GRC and IT Security expertise and offer analysis, views and predictions on what might lie ahead for the enforcement and regulatory climate related to governance, risk management, compliance and IT security officers and their teams.


  • GRC, GDPR and IT Strategy
  • Compliance in Cybersecurity
  • Business Continuity
  • Policies, objectives Governance, Risk Management, Compliance and GDPR
  • Ensure Effective Management and Adequate levels of GRC, GDPR Resources and Compliance
  • GRC, GDPR and IT Legal Issues
  • Assess the performance of HR, Marketing, and GRC departments
  • Data, Information and Cyber Security Compliance

Introduction to Global, GDPR, Data Privacy, Cyber Security and Data Protection Issues

  • GDPR: the story so far�Where are we now
  • The new data protection Landscape
  • Data protection: a consumer perspective
  • Addressing the subjectivity of GDPR
  • Shifting GDPR from project to production
  • Creating a data privacy culture in your organisation
  • Using GDPR to propel the business forward
  • An international approach to data protection
  • The new black: how data is the unique competitive advantage

GDPR Components and Issues

  • Practical implications of privacy and GDPR delivery
  • The disaster recovery: get back up and running as fast as possible
  • Protecting data privacy and consumer rights
  • Managing cross-border compliance
  • Managing SARs and individual rights
  • Data breach prevention and response
  • Managing consent: increasing revenue, trust and transparency
  • Subject access rights: GDPR implementation guide Continuing the GDPR compliance journey
  • Challenges to data profiling under GDPR
  • The Key components of third-party data Compliance

Global Compliance Issues

  • NIS (network and information systems) directive: compliance and guidance
  • The ISF Standard of Good Practice for Information Security and its role in developing data protection frameworks
  • Face recognition technology in the context of GDPR
  • What’s ahead for ePrivacy regulation
  • ePrivacy: how to align with GDPR, PECR, NIS and other compliance mandates
  • The future of marketing and data protection and ePrivacy

Global GRC and GDPR Marketing

  • Creating a compliant brand data strategy for competitive advantages
    • How data can be used and its impact on brand behaviour
  • Marketing and advertising in a regulated GDPR landscape
  • Marketing, legitimate interests and concerns around consent
  • PR in breach responses: how companies can deal with them effectively
  • GDPR and direct marketing: what you need to know
  • Opportunities and challenges for marketers
  • The future of advertising post-GDPR implementation
  • Marketing technology: the role in GDPR compliance
  • The rise of contextual advertising at the expense of personalised advertising


  • Achieving a robust cybersecurity policy:
  • The emerging security threat landscape
  • The future of cybersecurity
  • The state of cybercrime and the elusive cyber criminals: targets and tactics
  • What are the latest developments in cybersecurity?
  • Hacking and cybercrime: what you need to know
  • Cybersecurity breaches: how to deal with them effectively
  • Cybersecurity and BYODs: managing the internal threat
  • Emerging tech trends transforming cyber and privacy

Global GRC and GDPR in Financial Services

  • GDPR for financial services � compliance burden or a chance to build customer trust?
  • GDPR and anti-money laundering compliance
  • The changing landscape of financial services related to GDPR
  • Data Privacy and Data Protection Challenges and strategies for MiFID II
  • The outlook for regulation in financial services
  • What are the implications of PSD2 and open banking for organisations? Cryptocurrency and GDPR developments
  • RegTech and the Nexus with Data Protection
  • How PSD2 can assist with third-party regulatory obligations Fighting against financial crime
  • Increased security requirements for KYC data PSD2 vs GDPR: the other side of the argument

Global GRC and GDPR, Cloud, Data, IT, Bigdata and Technology

  • Is all data the same? assessing the content of big data for security purposes
  • Data Loss Prevention: Protecting the data that matters
  • Aligning emerging technology in the context of Compliance data protection
  • Technology: reshaping the data protection landscape
  • The latest developments in cloud technologies
  • Technology, GDPR and cross-border data transfers
  • Cloud Security and incident reporting under the NIS directive
  • Aligning technology for data protection
  • Emerging tech trends transforming data protection
  • Securing your network with cloud containers
  • Managing your data through IoT and data protection

Global GRC and GDPR IT and Data Governance Issues

  • The impact of GDPR on the Stakeholders
  • Crisis management: leadership, PR and social media
  • Regaining trust with all stakeholders: change in attitudes towards data Governance, privacy, and ethics
  • The new realities of data governance in a regulated world
  • Protection of intellectual property and trade secrets from insiders
  • GDPR’s effect on global data protection policies
  • GDPR and the updated components of accountability, trust and transparency

Global GRC and GDPR Risk Management Issues

  • Qualitative and Quantitative approaches to information risk assessments
  • Integrate Risk Management as the Single Source
  • Risk Management Across Borders
  • The importance of BYOD policies in managing data protection risks and compliance
  • Role of the data protection officer and the shift towards evidence-based compliance
  • Assessing your GRC, Cyber and GDPR vulnerabilities: a risk management perspective

Case Study

  • Key learnings from infamous data breaches
  • GDPR journey post-implementation: a case study
  • A case study in IT, Data and Cyber Security Assurance � the business value proposition.
  • Response and recovery planning: a case study

Future, Cyber Security, Blockchain, AI

  • Privacy challenges and solutions for blockchain
  • GDPR and the future of RegTech, risk management and cybersecurity
  • The end of personal privacy and data protection over the next three years
  • What are a lot of cloud technologies and data protection
  • Artificial intelligence: privacy concerns and solutions
  • The Future of GDPR and Data Privacy using Blockchain technology
  • Decentralising privacy: using blockchain to protect personal data