We’ve talked before about the benefits of being proactive versus reactive. Being proactive is more beneficial than being reactive in every aspect of life, whether in business, sports, or just everyday life. A task as simple as crossing a street can illustrate this point: be proactive by looking both ways ahead of time and avoiding potential oncoming traffic or keep your head down and try to react at the last second to a large truck barreling down on you. The difference and the possible consequences are stark.
Here we look at the difference between prescriptive and outcomes-based regulations and which may be better for data privacy.
With GDPR now in full effect, many companies are scrambling to navigate issues the regulations have created for them, and one question is now being more pointedly discussed by many globally: is prescriptive or performance-based regulation better, specifically where personal data is concerned?
Chain of Responsibility (CoR) road safety laws will be more stringent from 1 October 2018.
Here we analyse the need for better corporate governance in the age of big data through the Facebook scandal.
Why does a company need solid governance controls? One need only look at Facebook’s stock market value loss in the wake of the social media giant’s recent scandal involving data privacy. In a typical corporation, a $50 billion loss of value within a few days would undoubtedly lead to some major changes, and quickly.
Any company that’s been in business for more than a few months can attest to the fact that compliance is not only a big part of being in business, it’s a moving target that almost changes with the seasons. And the last half of 2017 pushed the focus on compliance into high gear with the various scandals and lawsuits that popped up across the landscape.
It might seem counterintuitive, but it’s common knowledge and apparently the natural order of things – technology moves much faster than the rules we set to govern it. Automobiles upset the public at first and caused governments to rethink roads. Airplanes caused governments to address the skies, something they’d never had to do before. Now drones are forcing them to rethink the rules about the sky, and public concerns are putting pressure on those decisions.
The difference between the auditor and compliance officer within organisations is not always clear. There are definitely similarities, and the two have common characteristics with some overlap, so it is reasonable to confuse the two as almost merging into one another. They must work together in many cases, but there are distinct differences. Distinct and important.
At face value, compliance can easily be interpreted as maintaining the status quo, following the rules, and conforming to predetermined and universally accepted norms. And if you choose to believe and adhere to that definition and understanding of the term and the practice, that’s exactly what it will be. But you do have a choice. It’s just like a paraphrase of the old saying: whether you believe that you can or you can’t do something, you’re right.
When a casual observer watches a Formula 1 race, they probably don’t think much about anything beyond the experienced and practiced driver handling a very fast car the best they can. If they do move any further in their analysis, it would be to understand the importance of speed and precision during a seconds-long pit stop.
A Tale of Two Businesses
Consider the following scenarios. Two retail managers each have a chain of locations they are in charge of, with massive amounts of inventory across each chain. One relies on the store manager at each location to ensure that inventory levels are where they should be. So once per month they get a message from each store manager that essentially says “inventory is still good!”, and they leave it at that.