Welcome to the PMIEF 30th Anniversary Celebration! All day long on Tuesday the 4th of August, we are celebrating the Project Management Institute Educational Foundation (PMIEF) 30th anniversary by highlighting the Educational Foundation and how you can give back to your community through social good efforts.
We’re excited to open up our community today to all project professionals around the world to continue the conversation around making a difference through the use of project management. We have two LIVE webinars (open to all) and plenty of other content focused on how you—the PMI community of practitioners, PMI chapter volunteers, donors and more—have helped bring PMIEF’s mission and vision to life. Find out what content we have in store for you today by checking out the guide below!
But wait...there's MORE!
TODAY ONLY: For those of you who read and comment on PMIEF’s content on 4 August 2020 here on ProjectManagement.com, you’ll receive an exclusive badge!
What Background Makes a Good DPO?
By Yunique Demann, Associate Director Risk – Data Privacy
The enactment of the EU General Data Protection Regulation (GDPR) formalized the role of the Data Protection Officer (DPO) role to ensure there was senior leader in the organization who was responsible and accountable for driving the privacy program and upholding the rights of data subjects and their data.
The role of the DPO is to implement a data protection strategy that aligns with GDPR and other privacy laws that supports business objectives and reduces risk. The DPO oversees the development, implementation and maintenance of data privacy and data protection policies and ensures the organization processes personal data of data subjects (employees, customers, and other individuals) in a compliant way that reduces the potential for data breaches and protects the data throughout its lifecycle with that business. DPOs should operate independently, with full support from executive management all the way through to the board.
As the need for privacy professionals increases, the pool of qualified individuals with the knowledge and capabilities comes largely from two groups: privacy lawyers/legal privacy professionals and the IT privacy professional from an IT and/or security background. The privacy lawyer focuses on privacy laws and provides legal guidance and direction on compliance with those laws. IT/security privacy professionals have a good understanding of the law and can also provide guidance on implementation of privacy requirements. They usually have a deeper understanding of the security and risks factors associated with compliance based on their closeness with the business and can provide guidance on technologies, process and procedures that support the security of processing.
Both roles are effective and approach privacy from a different perspective, and both can function in the role as a Data Protection Officer (DPO). An effective DPO does not need to come from a legal background but a good understanding of law is a mandatory requirement for understanding privacy requirements.
There is another role that can become a DPO – compliance officer – but he or she must demonstrate independence when overseeing the privacy function. Under GDPR, the DPO must be free from conflicts of interest. In a recent case, the Belgian Data Protection Authority fined an organization €50,000 for failing to ensure the DPO was free from a conflict of interest. Therefore, in meeting requirements specific to GDPR, although the DPO may fulfill other tasks, the tasks related to compliance must not result in a conflict of interest.
The career trajectory for a privacy professional also can evolve into becoming Chief Privacy Officer (CPO). The person in this role should be comfortable with owning the privacy program as it pertains to developing policies and liaising with IT/security and vendor management. In this role, the IT privacy professional may have a head start, but this in no way excludes the privacy lawyer from creating these relationships and gaining the necessary knowledge.
With the introduction of ISACA’s new Certified Data Privacy Solutions Engineer (CDPSE) certification, privacy professionals have a new opportunity to assess their privacy-related skills against a new globally recognized standard. CDPSE is the latest credential from ISACA for those who participate in the design, implementation and management of technology solutions that store, process and transport personally identifiable information (PII).
Having a formal certification provides the external validation that those performing in the function as a DPO are qualified and meet a recognized criterion for managing a privacy program. IAPP and now ISACA are leading the way in developing internationally recognized certifications in this area, although there are multiple country regulation-specific certifications for privacy around the world.
As someone who has come from a security background, I have found my background has been a complement to my current role as a DPO and has helped me collaborate with the IT and security teams in supporting the privacy program. I choose to pursue additional post-graduate qualifications for navigating the different privacy laws and gaining legal skills. The certifications available now can better equip privacy professionals with the skills and knowledge they need to excel in their DPO roles.
We make reality.
Let's. Get. To Work.
Members, you’ll find a new PMI experience designed for your personal growth and connection to each other (and yes, you’ll earn plenty of PDUs)!
For those new to our community, welcome to the innovative, rewarding project world—creating impact and transformation across industries. These events are crafted to help you boost your career. Or pivot to a new one.
Consider a PMI Membership and save $400 on a Series Pass!
Our monthly virtual events begin in July and continue through December 2020. They are crafted to:
Pleases click here to register for this newly created virtual event experience!
By Giampaolo Marucci – PMBOK® Guide – Seventh Edition Development Team Member
In some languages there is no direct translation of the English word “accountable.” For example, in Italy we translate it as “responsible.” That is, in Italy, we translate “accountable” and “responsible” with the same word: “responsible.” But we know, also in Italy, that “accountable” and “responsible” have different meanings.
In Italian, we interpret responsibility as the act of taking charge of the execution of work that someone asks for. Accountability is the awareness of paying someone for damage caused by wrong decisions or getting the reward for good decisions. Accountability requires that the accountable people respond to any of the activities delegated to responsible people. Responsibility does not include accountability, while accountability can include responsibility. In both cases, someone is responsible or accountable to someone else.
Historically, accountability for a project has been assigned to a single person inside a context. For example, a project manager is usually accountable to the Sponsor for the success (or lack of success) of the project. While the project manager may delegate responsibility to members of the project team, the project manager maintains accountability. But, looking at how some organizations have been structured during the last couple of decades, in some cases, accountability in a project, product, or service to customers or the public, has been assigned to more than one person. In the Team Performance Domain in the PMBOK® Guide–Seventh Edition we refer to this as shared ownership. That is, there are contexts in which the outcomes from the work are assigned to the more than one person, or the team as a whole.
This can be the case with a high performing team that is stable, empowered, and self-organized. Ownership for the outcomes from the project are shared by the team as a whole. Stable teams move from formation and grow into a high-performing team by passing through four stages: Forming, Norming, Storming, Performing. The length of time for the team to grow into the performing stage can vary based many variables. (You can refer the Tuckman “Team development model” for detail on this. The PMBOK® Guide refers to it in the section “Models, Methods, and Artifacts” of the PMBOK® Guide - Seventh Edition.) Following, you can see some of the characteristics that are usually present in high performing teams where ownership can be shared:
Having such a performing team, an organization can assign them a project and let them self-organize to decide their way of working, choose and evolve their processes and practices to adopt inside the project, and configure processes and practices based on the organization’s policy. The organization can give to the team, as a whole, rewards or penalties for success (or lack of success) of the project.
In other words, the organization can let the team not only be responsible for the work but also own the outcomes to the organization. High performing teams with shared ownership is described inside the Team Performance Domain in the PMBOK® Guide–Seventh Edition.
While we are disheartened about the reality of not meeting face to face during PMI live events this year, we want you to know that “where there’s a will, there’s a way!” With that said, have you heard the buzz about the new series of virtual events that PMI is developing? YES, new and exciting things are happening in the PMI Events World and we want you to be part of it! How can you? Simply register for our next “Discover PMI - Ask Us Anything!” webinar, What’s All the Buzz about the Virtual Experience Series?, scheduled Wednesday, 22 July 2020 at 3:00PM EDT.
As you may know, the format of this series of webinars is executed through non-PDU bearing webinars, meant to encourage conversation with various PMI departments. Simply put, community members, like yourselves, having a one hour Q&A session with a particular PMI department. We are so thrilled to have Gina Alesse, Julie Ho and Michelle Brown from PMI Events, discuss the specifics of The Virtual Experience Series: Delivering Value, Creating Change & Advancing the World™ that will feature monthly virtual experiences from now through December 2020.
Register for FREE at https://www.projectmanagement.com/webinars/639279/What-s-All-the-Buzz-about-the-Virtual-Experience-Series-. We certainly hope you will join us!
As always, our project is YOU. Your successes and setbacks, your passions and peeves—we want to hear about them all, and help you get to where you're going today and tomorrow. We hope these webinar series guide you in the right direction. As always, your feedback and ideas are most welcome!