Assume you are an IT security specialist for a large U.S. online  retail organization that does business internationally. Your CIO has  asked you to thoroughly review the new General Data Protection  Regulation (GDPR) recently implemented in the European Union. He wants  to understand exactly what the organization must do to comply with this  regulation when doing business with EU customers.

Provide a detailed discussion about the rules for businesses and the rights of the EU citizens.

Include a discussion of the following:

  • What does the GDPR govern?
  • What rights do the EU citizens have with regard to their data?
  • What is considered personal data under this regulation?
  • What is considered data processing under this regulation?
  • Describe the role of the data protection authorities (DPAs).

Discuss, in detail, how the GDPR will change business and security  operations for your organization. Provide the CIO with a recommended  checklist for GDPR compliance and discuss processes and policies that  may need to be changed in order to comply with GDPR.

In your conclusion, address what you think will be the financial  impact to the organization, both in terms of compliance and any lack of  compliance. 

Assignment Requirements

  1. The paper should be 34 pages.
  2. Use the rubric guide
  3. Use Times New Roman 12 pt font.
  4. Use APA formatting for paper, citations, and references.
  5. Be sure to cite your sources and provide the appropriate references