Compliance, Governance and Oversight Council

CGOC is a forum of over 3,600 legal, IT, records and information management professionals from corporations and government agencies. For over a decade, CGOC has been a thought leader advancing governance best practices across the industry.

Recent Resources

Data Protection in the Modern Enterprise – CGOC London highlights and trends

November 16, 2017

For years before the passage of the GDPR, we provided advice and resources to help organizations adhere to the European Data Protection Directive. However, the Directive created only a minimum standard and the response has been all over the map. Many countries implemented higher and different standards, leading to confusion, while some organizations have elected to risk incurring fines rather than invest in compliance. The GDPR now harmonizes all of the data protection laws in the EU to protect the personal information of its citizens and residents – and with that will likely come more consistent enforcement and penalties.

Download the right tools including in-depth presentations on:

– Operationalizing the GDPR
– GDPR and the Impact on Incident Response
– Harnessing Technology in GDPR Transformation
– Aligning GDPR with Other Regulations

Speakers from Deutsche Bank, HGP, IBM, FTI Consulting, Reed Smith, Capgemini and more.

Read More

Cross-Border Information Governance: Setting Up for Compliance

October 11, 2017

Meet the Speakers:
Dr. Andreas Splittgerber – Partner at Reed Smith
Dorota Kosela – General Counsel at Braster S.A.
Cindy Compert – CTO Data Security & Privacy at IBM Security
Jimmy Koo Senior Legal Editor, Bloomberg BNA (Moderator)

Any business operating across international borders will be involved in controlling, processing and transferring data. With increasing privacy regulations across the globe, legal and security departments must be prepared to understand and comply with the variety of regulations that different countries have implemented (including the fast-approaching GDPR), particularly as the increased transfer of data across borders leads to increased exposure. Leaders of these departments must ensure they create an effective information governance plan and implement security systems to adequately protect their data.
Watch the recorded webinar here: http://bit.ly/2y9eab9

Read More

Internal Investigations – 10 Ways To Be a Cyber Sleuth

September 18, 2017

Cyberattacks aren’t the only significant threats facing enterprises today. Companies often find themselves needing to conduct extensive and costly investigations into employee behavior. Investigators typically face two common challenges. First, finding answers often lies in analyzing mountains of data. Second, the answers must be found quickly. Investigative speed has the potential not only to limit the damage caused by the original transgression, but also to dramatically reduce legal costs and manage corporate risk.

Read More

News and Events

Stop Dragging Your Feet: GDPR Compliance Can Make You More Competitive

December 15, 2017

The May 2018 deadline for the EU’s General Data Protection Regulation (GDPR) should have organizations scrambling to roll out GDPR-readiness programs. After all, the regulation applies to most organizations doing business in the EU, non-compliance can result in severe fines, and getting ready for compliance will likely take significant time and effort.

Read the article

If GDPR Compliance Doesn’t Start With Information Governance, You’ll Probably Fail

December 9, 2017

Most discussions regarding the EU’s impending General Data Protection Regulation (GDPR) — scheduled for implementation in May 2018 — focus squarely on consent management (i.e., making sure organizations have permission to use the data they are collecting and processing).

Read the article

Most companies ill-prepared for EU data protection requirements

November 10, 2017

Known as the General Data Protection Regulation or GDPR, the EU describes the new requirements as “the most important change in data privacy regulation in 20 years.” Intended to replace the current European Data Protection Directive and standardize the laws governing data privacy across the EU’s member countries, it is meant to reshape the way organizations across the region deal with data privacy.

Read the article