12
Airmic Technical
7 The risks
The EU General Data Protection Regulation (GDPR)
Any data processing or analysis that involves personal data will
fall under the new General Data Protection Regulations, which will
become law in the UK in May 2018. The law brings in mandatory
reporting of data breaches, heavy fines and a recommendation for
organisations to appoint a Data Protection Officer. Risk managers
should address and control their organisation's response to this issue,
considering the impact of any new data collection and analytics
techniques. More information can be found in Airmic's The EU
General Data Protection Regulations: What risk managers need to
know.
The impact on cyber risk
Cyber risks continue to be quoted as top-of-mind concerns for risk
managers. As organisations use increasing data sources and integrate
data analytics into their processes, the cyber risk will change. Risk
managers can provide the link between business strategy, data
processing and IT infrastructure, assessing the cyber risk accordingly.
More information can be found in Airmic's 'Understanding your cyber
risk and purchasing insurance'.
The need for the human element
Computers and algorithms operate on logic, which cannot make
sense of everything! All data analytics should include a step where
business managers review and evaluate output, tempering the
analytics with reality and common sense.
Like all process changes, advancing data analytics does involve
taking on risks. Risk managers should consider the following:
