An event organized by FERMA and ECIIA : Register now

The webinar will discuss the full results and recommendations of a joint project between FERMA and the European Confederation of Institutes of Internal Auditing (ECIIA), to assess how the EU General Data Protection Regulation (GDPR) impacted our professions, one year after its enforcement.

Why should you attend?

It will help you to know:
  1. To which extent the risk manager and the internal auditor are involved in the GDPR corporate implementation
  2. How GDPR has affected the interactions between risk management, internal audit and Data Protection Officer (DPO)
  3. What are the best practices and recommendations to embed personal data protection in the risk and audit governance of your organisation


After one year of GDPR implementation, FERMA and ECIIA sent in May  a common basis of five questions to their risk and internal audit members.
The objectives were to:
  • Evaluate the roles of the risk management and internal audit functions regarding the GDPR and personal data related risks
  • Provide a unique insight into the implementation of the GDPR by companies to the European policymakers
FERMA will share the results for the first time at this year’s forum in Berlin.

Exclusive preview of key findings…

  • High level of cooperation between the DPO, the risk management and internal audit functions.
  • 76% of risk managers integrate data protection in their global risk mapping.
  • Governance is (or will be) the most audited element of GDPR (56%).
  • 89% of respondents say that the DPO function has been internalised and mainly assigned to an existing function, most of the time under legal/compliance.
With 321 respondents, the results provide tangible data on the implementation of the GDPR within organisations as the European Commission will publish an evaluation report in May 2020.

Practical information

Contact person

Laetitia Fung

More information

Register now