The both roles CISO and DPO in many terms and conceptions are similar but there are still some different points between these two roles.
While CISO (Chief Information Security Officer) looks at risk from a business, financial and operational point of view, a DPO or Data Protection Officer – a role required under the European Union’s General Data Protection Rule – looks at the same risk from a data subject’s (consumer) point of view.
In the DPO role is needed to be considered what are the risks in terms of the loss of privacy and loss of freedom from a data subject’s point of view. Whereas in CISO role faces the challenge of managing multiple vendors under strict GDPR regulations. In the daily work there are suppliers and customers and sometime some of the customers are also suppliers. In these cases, is needed to ensure that you have contacts that cover all these interactions. There is also recommended to check and be sure that your suppliers have the same level of security and data protection safeguards as you do.
As it’s a big challenge sometimes to managing dual roles in the same time, Louis and Associates understand these complex topic and issue on the market and can deliver these services to your company directly depending of your business requirements and needs.