Cloud Security Alliance (Lausanne) - GDPR compliance

Digicomp Academy Suisse Romande SA

Avenue de la Gare 50 · Lausanne

How to find us

Digicomp Academy Suisse Romande SA Avenue de la Gare 50 1003 Lausanne

Location image of event venue


18:00 - Welcoming

18:10 - 18:30 - "The new and revitalized Swiss Chapter of the Cloud Security Alliance "
Giulio Faini – President , Swiss Chapter

Abstract: “In June 2019 we already held CSA meetings but now in November we officially restart the activities of CSA, Swiss chapter and this introduction speech is meant to explain the Swiss CSA working groups, the overall 2020 objectives of the association and the membership benefits we are putting in place. This meeting will be as well an opportunity to share your ideas and contribution as we always look for new volunteers and participation”.

18:30 - 19:00 - GDPR code of conduct
Linda Strick – Director CSA EMEA

Abstract: “The Cloud Security Alliance (CSA) has created the CSA Code of Conduct for European Data Protection Regulation (GDPR) Compliance. It aims to provide Cloud Service Providers a solution for GDPR compliance and to provide transparency guidelines regarding the level of data protection offered by the CSP.
With the GDPR Tools Companies can leverage
● Code of Conduct: Offers cloud service providers the opportunity to demonstrate to business partners and regulators that they comply with the new EU DSGVO requirements.
● Self-Assessment: Provides companies an additional means of structuring the level of protection they offer for personal data. Allows cloud customers an instrument to evaluate the level of protection offered by cloud providers for personal data.
● Mark of Conformity: Cloud service providers and cloud customers who wish to comply with the CSA Code of Conduct for EU DSGVO Compliance (CSA CoC for GDPR) can have their EU DSGVO compliance confirmed by the CSA. CSA will verify that efforts have been made in good faith to thoroughly implement the entire Code of Conduct and to issue a Mark of Conformity when all conditions are met.

19:05 - 19:45 - "From Spreadsheets to Streamlined: Automating the Third-Party Vendor Risk Lifecycle”
Tarek Wüstefeld - Privacy Consultant at OneTrust

Abstract: Managing third-party vendor risk before, during and after onboarding is a continuous effort under global privacy laws and security regulations. While outsourcing operations to vendors can alleviate business challenges, managing the associated risk with manual tools like spreadsheets is complex and time consuming. To streamline this process, organizations must put procedures in place to secure sufficient vendor guarantees and effectively work together during an audit, incident – or much more. In this session, we'll breakdown a six-step approach for automating third-party vendor risk management and explore helpful tips and real-world practical advice to automate third-party privacy and security risk programs.

19:45- 20:30 – Apéro and networking