News

SUBSCRIBE to our weekly e-mail (with live links) for just €5 per month
+++++++++++++++

ELEC Paper: Why EU Capital Markets Union has become a “must have” and how to get there -Feb 2024

My collected papers - 1989/1993: Market Discipline in EMU

Public Information

Expand

Graham Bishop Consultancy

Friends of GrahamBishop.com

Brussels 4 Breakfast

CPD / Education and Learning

Graham Bishop - Biography

Graham's Blogs

Graham's Media Activities

Graham's Speeches

Graham's Writing

Press Resources

Photographs

My `pro bono' work

How you can support this work

Why my `pro bono' work is relevant to markets

Technical Difficulties

Privacy Policy

Terms and Conditions

Tweets by @GrahamBishopcom

Follow @GrahamBishopcom

Article List:

Hedgeweek: More than...
Commercial Risk Euro...
Commercial Risk Euro...
Financial Times: Eur...
European Commission:...
Insurance Europe: GD...
Hedgeweek: Financial...
>>Commercial Risk Euro...
FCA and ICO publish ...
ICAS: How to prepare...
Accountancy Europe: ...
Insurance Europe: Da...
AIMA GDPR Implementa...
Commercial Risk Euro...
François Villeroy de...

Home>Protecting Customers>General Data Protection

Print Page Save to My Library <Next Article Previous Article>

15 February 2018

Commercial Risk Europe: AMRAE publishes GDPR and cyber research

The French risk management association AMRAE has published a technical guide to the General Data Protection Regulation (GDPR), with more cyber risk-related research in the pipeline.

AMRAE published its GDPR technical guide in partnership with CGI business consulting. The paper provides risk managers with a guide to implementing the GDPR in France. It covers the basics of the GDPR, but also the role of the risk manager in its implementation.

The guide follows a series of workshops for risk managers run by AMRAE since September on the GDPR. The workshops have covered GDPR-related topics such as the role and skills needed by risk managers to meet its demands, how to carry out gap analysis, training and auditing contractors. The workshops have also covered governance, including the role of the data protection officer, a new role required under the GDPR.

The GDPR is a significant challenge for French companies, especially smaller organisations that may not have the resources to comply, according to Philippe Cotelle, vice-president of AMRAE’s cyber commission and head of Airbus Defence and Space insurance risk management. “The GDPR requires significant investment and not all companies will be able to afford it,” he said.

Surveys suggest that many companies will not be ready for the GDPR by its May 2018 implementation deadline. A survey conducted by Marsh in 2017 found that only 8% of European firms believed they were fully compliant. Mr Cotelle thinks that compliance levels of just 10% to 20% are feasible, although it will be higher among larger companies. Most large French companies have started their GDPR compliance and have set up GDPR working groups, he said.

Risk managers are typically involved in GDPR working groups, helping to identify contractual liabilities. “This is a new element of risk for risk managers to comply with,” said Mr Cotelle.

French companies are already boosting cybersecurity in anticipation of incoming EU legislation, namely the GDPR and NIS Directive, which is also implemented in May 2018.

The NIS Directive will build on cybersecurity under the French Military Programming Law and will expand the number of companies that must report to the French national cybersecurity agency ANSSI, he said.

Full article on Commercial Risk (subscription required)

AMRAE_guide

© Commercial Risk Europe

< Next Previous >

Key
Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information

Comments:

No Comments for this Article

Add new comment

Show name and company details

Follow Us

News

Public Information

Article List:

15 February 2018

Commercial Risk Europe: AMRAE publishes GDPR and cyber research

© Commercial Risk Europe

Key

Comments: