ISACA research shows companies still aren’t ready for GDPR
Learn how most organizations are still not fully prepared to meet GDPR compliance requirements and how this impacts their data security needs.

The GDPR deadline is just over a week away and results from ISACA’s GDPR Readiness survey show that most organizations are still not fully prepared to meet compliance requirements.
ISACA surveyed more than 6,000 professionals globally to find out how prepared organizations are for GDPR, what the top barriers to compliance are and the expected timeframe for readiness.
Check out this infographic that shows some of the highlights from the survey:
Perhaps the biggest surprise is the level of employee education on GDPR and their role in compliance. Only 39% of respondents said employees have been educated to a satisfactory level about their responsibilities to maintain GDPR compliance.
People and tools are the drivers to GDPR compliance
ISACA’s research about GDPR-readiness makes it clear: companies will be expected to do more to protect personal data because the old way of doing things just won’t cut it anymore. And this includes providing employees with the right resources and tools to help them understand what they can do to protect personal data within the flow of work. As a result, information ownership and data protection “by design and by default” will continue to be primary drivers of successful compliance for GDPR and other regulations.
The best solution to help with GDPR compliance will enable people, process, and technology to work together without grinding things to a halt. Because people need the freedom to work just as much as organizations need to protect sensitive data. This is why employees need to understand the business value of the data they work with regularly, so they can protect it in the day-to-day flow of work.
Get employees involved in your GDPR compliance journey
Educating employees about information security and data protection is important because the amount of data generated is constantly growing and the way employees work and share information is evolving. The roles and responsibilities for each business unit must be defined to help meet GDPR and other compliance requirements.