Monitoring, testing and responding to change

In this subtopic, we discuss steps that you can take to embed your cybersecurity strategy and the management culture and business life cycle of your organisation. As part of the privacy operational life cycle, data protection compliance is achieved through the monitoring, auditing and communication aspects of the management framework, where:

  • monitoring identifies any gaps and weaknesses in an organisation's privacy program;
  • auditing ensures consistency, effectiveness and sustainment of the privacy practices; and
  • communication creates internal and external awareness of the privacy program, ensuring flexibility to respond to legislative and industry changes.

See Monitoring and testing and Responding to change.