The DPO oversees GDPR compliance, while the implementation of technical and organisational measures sits with the CISO or IT manager. In practice, the DPO and the CISO work hand in hand on data protection impact assessments (DPIAs), breach handling, retention periods and the documentation of sensitive processing activities.