Who Needs a ROPA and Why?

In this episode of InfoSec Insider – Talk DP, Stuart Skelly, a Senior GRC Consultant at URM, explains records of processing activities (ROPAs), a key document that almost every organisation must create and maintain in order to comply with the General Data Protection Regulation (GDPR).  Stuart leverages his 25+ years of specialisation in data protection law to discuss: 

• What a ROPA is, which organisations need to have one  

• The advantages of having a ROPA in place and how this can benefit your GDPR compliance efforts  

• Who within an organisation needs to create the ROPA 

• The challenges associated with producing a ROPA and how these can be overcome 

• Whether you should first produce a data flow map before embarking on the ROPA 

• The next steps after the ROPA has been built. 

Learn more about this topic:  https://www.urmconsulting.com/blog/who-needs-a-ropa-and-why https://www.urmconsulting.com/blog/how-to-create-a-record-of-processing-activities-ropa 

If you enjoyed this episode of InfoSec Insider – Talk DP, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider   

You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts   

Brought to you by URM, the UK’s leading information and cyber security specialists.