So you want to be a privacy pro?
Computerworld - It's an increasingly familiar scene: The IT manager lingers after a meeting with the chief privacy officer (CPO) to see how he, too, can become involved in privacy, the defining issue of the Information Age. Why is this happening in my company and others? Probably because IT pros know better than anyone how personal data needs to be protected, and they're motivated to make things right. But before you make the big leap from IT to privacy, run through this checklist to see if the move is right for you.
Step 1: Find out if you'd actually like the daily tasks.
The mission to protect people's privacy can be very inspiringbut the reality within your company may be quite different. The privacy function where I work encounters a great variety of challenges because we operate in many industries and countries. But if your company serves a single industrysuch as finance or health careand you have offices only in North America, your job may be limited to routine compliance tasks that are more distant from the mission of protecting people's privacy.
What makes up the daily life of a privacy professional? The best sources of information on the profession are the International Association of Privacy Professionals (IAPP) and the Ponemon Institute. Their 2005 joint survey discovered that privacy officers spend roughly half their time on three activities: responding to incidents, developing and implementing policies, and advising the organization on proper privacy practices. (For a breakdown of the results, see the table below.) Go to page 2>>
Privacy Professional Key Duties
Managers involved in IT governance may find several familiar tasks in a privacy job, but some tasks such as analyzing privacy regulations and providing privacy consulting to the company are likely to be new territory.
% of total time
Responding to incidents
Developing and implementing policies and guidance
Advising/consulting the organization
Administration (personnel and budget)
Developing and performing training and communications
Developing privacy strategies
Performing risk assessments and data inventories
Monitoring and measuring compliance (enforcement)
Reporting to management
Source: International Association of Privacy Professionals and the Ponemon Institute's 2005 survey of 224 privacy professionals
Step 2: Find out if you'd have direct C-level support.
Everybody wants top-level support for their projects. But for a function as new and undefined as privacy, it's essential. Without it, you could easily find yourself in a career cul de sac, spending years in the bureaucratic wilderness without meaningful results. How can you tell if privacy is valued by your company?
First, look at who the privacy leader reports to. Ideally, it's directly to the CEO, so that the privacy perspective has an equal and independent voice in the boardroom. It's still a strong sign if privacy reports to a C-level board member.
- PCI 3.0 Compliance In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Defense throughout the Vulnerability Life Cycle with Alert Logic Threat and Log Manager New security threats are emerging all the time, from new forms of malware and web application exploits that target code vulnerabilities to attacks...
- QA Automation: Reducing Test Execution While Improving Coverage A leading capital investment firm in the US was in need of a comprehensive, cost effective and flexible solution to reduce their existing...
- Protect your brand with Alert Logic PCI DSS compliance solutions Alert logic's cloud-powered solutions help organizations that process, store or transmit credit card data eliminate the burden of PCI compliance. This product brief...
- Expert Panel: Enterprise Mobility and Data Loss Prevention When it comes to enterprise mobility, it's not just about devices, it's about the way people work. Hear this expert panel discuss the...
- Princess Cruises collaborates across the globe in the IBM cloud Norm Ayers, Director of Emergency Response and Social Projects at Princess Cruises explains how IBM and Cloud helped the company rapidly scale its... All Management White Papers | Webcasts