Printer Friendly, PDF & Email

Prepare for the worst: Interdepartmental crisis training improves data breach response efforts

For compliance professionals, especially those working with the many vendors and other third parties that make up modern global value chains, building bridges between departments is a major task, because it is common for departments within an organization to operate as silos; for example, the accounting, marketing and information technology (IT) departments may have very little horizontal interaction. Those bridges are necessary in order to train employees, explain policies and procedures, and acquire the data necessary to understand where risks are and how to mitigate them.

With data and operations increasingly being relegated to automated and digital (i.e., cloud) software solutions, IT, in particular, plays a critical role in any organization’s daily affairs. All the major compliance challenges — bribery, trade and labor issues, regulatory burdens, third-party vetting and management — increasingly require IT and compliance to work together.

But unfortunately, it is often the case that the two departments will only interact when a problem arises. In the worst-case scenario, IT and compliance will find themselves across the table from each other in a crisis, such as a data breach.

This document is only available to subscribers. Please log in or purchase access