Tag Archives: Compliance

GDPR Readiness Checklist Tool launched by NW Security Group to help businesses comply with upcoming EU legislation

NW Security Group, the provider of IP video solutions and security consultancy, has launched a free European Union (EU) General Data Protection Regulation (GDPR) Readiness Checklist Tool to help businesses quickly and easily determine if they’re adequately preparing for the new legislation. Due to come into effect on 25 May, the EU GDPR aims to ensure the protection of personally identifiable information. According to recent figures, over 50% of companies across the UK will not be ready for the GDPR by the stated deadline.

While awareness of the new legislation has risen in recent months, the consensus is that UK firms are under-prepared for the EU GDPR, and therefore at risk of fines as high as €20 million or 4% of a company’s annual turnover (whichever is greater).

As an expert in providing security consultancy and training, NW Security has been giving businesses across the UK guidance on how to ensure compliance by the May deadline in a series of awareness seminars. The GDPR Readiness Checklist Tool has formed a vital part of each seminar, helping attendees determine how effective their data protection processes are on their respective journeys towards GDPR compliance.


Nigel Peers, senior consultant at NW Security, offers his thoughts on the EU’s General Data Protection Regulation and how companies must prepare for its introduction

“As a provider of IP-based security systems, we’ve always taken cyber security very seriously indeed to ensure the solutions we recommend to our customers protect the data that’s generated,” stated Nigel Peers, senior consultant at NW Security. “In recent months, we’ve been raising awareness with companies and helping them to assess their levels of preparedness for the GDPR using our quick Checklist Tool. As the timeframes become more urgent and levels of readiness are left wanting, we felt it would be helpful to make this free Checklist Tool available to more companies across the UK. It prompts them to think about how best to prepare themselves and their supply chains for the GDPR and provides an insight of just how comprehensive a full GDPR Organisational Readiness Assessment needs to be.”

One of the seminars was held at the Wirral Chamber of Commerce in Birkenhead, welcoming attendees from a range of businesses in the region to heighten understanding of the new GDPR and identify how it could impact their organisation. Laura Cross, director at Concentric HR, said of the seminar: “It was extremely informative and practical. We don’t feel fully prepared for the GDPR as yet, but events such as this have definitely increased our knowledge on the topic and given us great learnings to take back and implement within our firm.”

Cross continued: “The GDPR Readiness Checklist Tool was one of the most useful aspects of the seminar. It really helped me to understand where our business is currently on the journey towards GDPR compliance. Knowing that there are external experts out there that can support us along the way is extremely reassuring for our business.”

*To use the free EU GDPR Readiness Checklist Tool visit: www.nwsecuritygroup.com/gdpr-readiness-quick-checklist


Filed under Risk UK News

“Early compliance engagement is key to raising building standards” urges Bureau Veritas

With reports suggesting that the construction sector will continue to grow over the next two years, Bureau Veritas has been quick to assert that an industry shift towards earlier engagement with compliance partners is vital when it comes to raising quality and safety standards for all.

Despite a momentary downtime, largely the result of a post-Brexit slump in confidence and weakening pound, the consensus is that commercial construction will regain pace in the coming months. According to the latest Construction Products Association report, UK construction output will increase by 2.3% in 2019, primarily due to major infrastructure projects.

Concern focuses on the fact that an increased pressure on commercial and residential developers to build more properties, despite a declining workforce, presents a risk to ‘deliverability’ and quality control. A recent study, for example, estimated that over half of all new build properties have ‘major faults.’


Andy Lowe, director for building control at Bureau Veritas, commented: “Amid incredibly tight construction deadlines, cost pressures and a raft of legislation, it’s understandable that the modern builder and developer has a lot to come to terms with. That’s why we always advocate early engagement with a certification specialist. Without the ability to influence the wider project, it can be incredibly difficult to optimise quality control procedures and enhance safety measures, while at the same time enabling developers to achieve stated targets.”

Lowe continued: “In some cases, it can even help streamline proceedings and improve efficiencies, and particularly so when it comes to ensuring that the design aspect correlates with the compliance requirements. Without the approver’s early input, for example, any decisions made by a design team could be borderline in terms of interpretation and, upon review, it may be that items such as the fire strategy or the number of staircases are questionable, thus affecting the design as a whole and even resulting in the need for a redesign.”

In conclusion, Lowe stated: “In this way, we believe an industry shift towards earlier engagement is core to not only increasing quality and safety standards, but also optimising efficiencies on current major projects going forward.”


Filed under Risk UK News

Bored and distracted employees “could be biggest data security risk” warns Centrify

Employees who become distracted at work are more likely to be the cause of human error and a potential security risk. That’s according to a ‘snapshot’ poll conducted by Centrify.

While more than a third (35%) of survey respondents cite distraction and boredom as the main cause of human error, other causes include heavy workloads (19%), excessive policies and compliance regulations (5%), social media (5%) and password sharing (4%). Poor management is also highlighted by 11% of security professionals, while 8% believe human error is caused by not recognising data security responsibilities at work.

According to the survey, which examines how human error might lead to data security risks within organisations, over half (57%) of respondents believe businesses will eventually trust technology enough to replace employees as a way of avoiding human error in the workplace.


Despite the potential risks of human error at work, however, nearly three-quarters (74%) of respondents feel that it’s the responsibility of the employee, rather than technology, to ensure that the host company avoids a potential data breach.

“It’s interesting that the majority of security professionals we surveyed are confident that businesses will trust technology enough to replace people so that fewer mistakes are made at work, yet on the other hand firmly put the responsibility for data security in the hands of employees rather than technology,” commented Andy Heather, vice-president and managing director at Centrify EMEA.

“It seems that we as employees are both responsible and responsible: responsible for making mistakes and responsible for avoiding a potential data breach. It shows just how aware we need to be at work about what we do and how we behave when it comes to our work practices in general and our security practices in particular.”


Filed under Risk UK News

Organisations “need to do more” to ensure EU GDPR compliance

Organisations need to do more work to ensure compliance with the European Union’s General Data Protection Regulation (GDPR) which is due to come into force in May 2018. While organisations are largely aware of their upcoming obligations, levels of maturity to meet the new standards are low.

Overall, organisations are only compliant with less than 40% of the principles laid out in the GDPR. DLA Piper’s Global Data Privacy Snapshot 2017 notes that some industries are progressing towards compliance better than others. The hospitality and banking sectors are ahead of the rest with 48% and 43% compliance respectively, compared to the average of around 37%. Healthcare and manufacturing are at the bottom end of the scale with 34% and 35% compliance.

Data breaches are already the second greatest concern for business continuity professionals. That’s according to the latest Horizon Scan Report published by the Business Continuity Institute. Unless organisations become compliant by the time the GDPR comes into force then a breach could become even more disruptive.

Patrick Van Eecke, partner and global co-chair of DLA Piper’s Data Protection practice, said: “The responses show that many organisations still have work to do on their data protection procedures. Any organisations operating in Europe will need to see major improvements in their score by May 2018 if they’re to avoid potentially heavy financial penalties under the GDPR, not to mention serious reputational damage as people become more and more aware of their rights in this area.”


Van Eecke added: “With more and more organisations placing data centre stage, data protection will become an increasingly prominent issue. It’s vital that organisations invest now in the strategy and processes needed to help them to meet their obligations.”

Jim Halpert, the US co-chair of DLA Piper’s Global Data Protection practice, added: “As privacy requirements such as privacy by design, data portability and extensively documenting a privacy program become more complex, compliance demands significant operational work that takes time. In this sense, the results are not surprising. The time to step up compliance efforts is this year, not next.”

The GDPR will apply to processing carried out by organisations operating within the EU and to organisations outside the EU that offer goods or services to individuals in the EU.

The UK Government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR. Organisations failing to comply with the GDPR after its implementation in 2018 could face fines as high as 4% of global annual turnover.


Filed under Risk UK News, Uncategorized

Telefonica UK Property and ISS choose Ideagen’s Enlighten system to manage governance, risk and compliance

Telefonica UK, a leading digital and communications company, and ISS, the global facilities management service provider, are set to work with software firm Ideagen on improving governance, risk and compliance operations across the O2 estate.

Ideagen Enlighten, Ideagen’s cloud-based GRC application, is to be implemented and rolled out to bring several operational improvements to Telefonica UK’s Property department. The software will provide one source of truth for the management of controlled documentation, improve visibility of audit scheduling and automate action management and escalation. Enlighten will also enhance levels of reporting and increase accessibility for Telefonica’s mobile workforce.

Darren Bryanton, Telefonica’s national FM operations manager, said: “We regularly participate in audits to assist Telefonica UK in retaining an impressive portfolio of certifications and standards which are essential in demonstrating world class service to our customers. Enlighten will manage audits and document control for the department.”

Suzanne Burge, ISS’ quality and assurance manager, added: “After a thorough review of the market, we selected Enlighten due to its scalability, accessibility and ease of use. We wanted a product that we could design ourselves to fit the needs of the business, not just now but also in the future.”


Tim Blackburne, ISS’ account director, explained: “Telefonica UK’s high standards of operational compliance and audit success rely on clear governance, audit readiness and document management. Ideagen Enlighten gives us this.”

Andrew Neish, Telefonica’s head of property, commented: “Both Ideagen and Telefonica UK share the same vision of how innovation can drive improvement in business. This opportunity to provide a game-changing and transformational system is one that we’re very excited about.”

Ideagen is a supplier of information management software with operations in the UK, the United States and the Middle East. The company specialises in eGRC (Enterprise Governance, Risk and Compliance) and healthcare solutions for organisations operating within highly regulated industries.


Filed under Risk UK News, Uncategorized

The Legal Risk Management Handbook set for publication by KoganPage

Legal risk covers all areas of business where regulation and the law impact on operations and decisions. From risks arising from contract drafting and management through to regulators’ new focus on conduct, as well as compliance, regulatory and dispute risks, the effective management of legal risk is key for organisations that want to maximise value while minimising cost and exposure to legal losses. The Legal Risk Management Handbook, to be published by KoganPage on 3 December, is a practical guide to making sure your business is legal, protected and making the most of its opportunities.

Written by experts in law and risk management, this highly practical guide sets out a clear definition for legal risk and a framework for its management. Covering the full spectrum of legal risks that international businesses can face, it translates legal concepts into clear mitigatory actions.

Whether you’re an in-house lawyer needing a clear approach to managing risk in your areas of influence, or a member of the risk management function needing a jargon-free guide to your company’s legal responsibilities, you will find authoritative insight and guidance in this publication.

Containing Case Studies from international businesses and real-life insights from those at the coalface of legal risk management, The Legal Risk Management Handbook is essential reading for everyone who needs a better understanding of this important business topic.


Simon Nasta, general counsel for FBN UK, has provided advance praise for the book, calling it a ‘must read’ for in-house lawyers and new general counsels. “I particularly like the simple and practical guides to implement what are quite advanced legal risk management techniques,” explained Nasta.

Professor Stuart Weinstein of the Faculty of Business and Law at Coventry University commented: “The Legal Risk Management Handbook contains a wealth of information useful for any company involved in international business to consider when managing legal risk. What sets this book apart is that it translates complex legal principles into practical operating tools that business managers and the lawyers who work with them can use on a day-to-day basis. An indispensable compendium for the legal and compliance team, the executive suite and the Boardroom who must work hard to ensure that legal risk management is at the top of the agenda in every organisation.”

Matthew Kellett, EY UK law leader (FSO) stated: “This book challenges all organisations to review their legal risk management strategies and provides practical suggestions on how to flex their approach to enhance legislative and regulatory compliance. All those in leadership or front line advisory roles will relate to the issues raised and can benefit from the proposed solutions to manage their forward exposures to legal loss.”

The book’s authors are Matthew Whalley and Chris Guzelian. Whalley has a unique blend of practical experience and strategic insight into legal risk management and law department operations. He created the UK’s first and only Legal Risk Consultancy in 2012, and has helped FTSE 100 and Fortune 500 clients alike take their first steps towards developing a structured approach to legal risk. Whalley was shortlisted for the Laurie Young Memorial Global Thought Leadership Award in 2014 for his detailed papers on legal risk management.

Chris Guzelian is an associate professor at the Thomas Jefferson Law School in San Diego, California where he teaches business, criminal and American constitutional law courses. Previously, he was a state prosecutor, a civilian officer with the US Department of Defence and a lawyer with the US bankruptcy courts. Guzelian advises a number of corporate, non-profit and Government authorities on risk-related matters.

  • EAN: 9780749477974
  • Edition: 1
  • Published: 3 December 2016
  • Format: Paperback
  • 232 pages

*To order your copy visit: https://www.koganpage.com/product/the-legal-risk-management-handbook-9780749477974

 


Filed under Risk UK News, Uncategorized

Advanced recognised by BSI for decade of standards excellence in fire systems sector

Global fire safety systems developer Advanced has received an award from BSI, the business standards company, in recognition of ten years of standards excellence in the field of fire systems.

The award recognises Advanced’s role in driving higher standards in the fire industry and its ongoing role in relevant fire standards committees. For example, Advanced was one of the first to adopt EN54-13, the European standard that ensures optimal fire system performance at all times through rigorous third party testing.


Dave Wilson, who’s responsible for standards and compliance at Advanced, commented: “Our ethos is that our products set the standard in fire systems. We work closely with quality, standards and industry bodies around the world to ensure we remain at the forefront of the market. We’ve worked very closely with BSI for many years now, and it’s a real pleasure to receive this award for our work and the partnership we’ve developed in terms of fire systems and BSI Kitemark-licensed product approvals.”

As a business, Advanced designs intelligent fire systems approved to key international, regional and local standards including UL 864 and EN54. Its products are used in prestigious and challenging locations all over the world, from single panel installations through to large multi-site networks.

Advanced’s products include complete fire detection systems, multi-protocol fire panels, extinguishing control and fire paging systems.


Filed under Risk UK News, Uncategorized