Compliance, Governance and Oversight Council

CGOC is a forum of over 3,600 legal, IT, records and information management professionals from corporations and government agencies. For over a decade, CGOC has been a thought leader advancing governance best practices across the industry.

Recent Resources

Data Protection in the Modern Enterprise – CGOC London highlights and trends

November 16, 2017

View all sessions including in-depth presentations on:

– Operationalizing the GDPR
– GDPR and the Impact on Incident Response
– Harnessing Technology in GDPR Transformation
– Aligning GDPR with Other Regulations

Speakers from Deutsche Bank, HGP, IBM, FTI Consulting, Reed Smith, Capgemini and more.


Cross-Border Information Governance: Setting Up for Compliance

October 11, 2017

Panelists discuss the various international data protection regulations and some mechanisms for international data transfers, such as the Privacy Shield. They also provide strategies for developing an effective information governance plan for compliance and tips for setting up your internal systems to properly protect your data. Watch the recorded webinar here:

Dr. Andreas Splittgerber – Partner at Reed Smith
Dorota Kosela – General Counsel at Braster S.A.
Cindy Compert – CTO Data Security & Privacy at IBM Security


Internal Investigations – 10 ways to be a Cyber Sleuth

September 18, 2017

Cyberattacks aren’t the only significant threats facing enterprises today. Companies often find themselves needing to conduct extensive and costly investigations into employee behavior. Investigators typically face two common challenges. First, finding answers often requires analyzing mountains of data. Second, the answers must be found quickly. Investigative speed has the potential not only to limit the damage caused by the original transgression, but also to dramatically reduce legal costs and manage corporate risk.


News and Events

If GDPR Compliance Doesn’t Start With Information Governance, You’ll Probably Fail

December 9, 2017

Most discussions regarding the EU’s impending General Data Protection Regulation (GDPR) — scheduled for implementation in May 2018 — focus squarely on consent management (i.e., making sure organizations have permission to use the data they are collecting and processing). This focus certainly makes sense. Consent management is critical to organizations’ abilities to continue doing business as usual in the face of the new regulation. However, as data collection and processing continue to soar — and there are no signs the consent requirement will slow data growth — organizations are increasingly challenged to secure the data they process, as required by Article 32 of the regulation.


Most companies ill-prepared for EU data protection requirements

November 10, 2017

Known as the General Data Protection Regulation or GDPR, the EU describes the new requirements as “the most important change in data privacy regulation in 20 years.” Intended to replace the current European Data Protection Directive and standardize the laws governing data privacy across the EU’s member countries, it is meant to reshape the way organizations across the region deal with data privacy.

A recent survey of 132 compliance officers finds, however, that only a handful of companies are prepared to meet the new regulation’s requirements.


Really? Only 6 Percent Of Companies Ready For GDPR

November 9, 2017

A survey of top corporate data protection challenges has found only 6 percent of companies are prepared to be compliant with the EU’s General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018. The Compliance, Governance, and Oversight Council (CGOC) released the results of the survey, which gathered the results from 132 compliance officers from organizations around the world. Those organizations were across multiple industries.

GDPR is a growing concern for companies in the life sciences industry. A session at DIA’s annual meeting in Chicago in June 2017 brought the issue to the attention of many pharma executives in the audience. Violations of the regulation can result in a penalty of €20 million or 4 percent of worldwide revenue.
