The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Jill Frisby - Crowe Chizek and Company LLC

Students: Spring 2023, unless noted otherwise, sessions will be virtual on Zoom.

Protecting Data Privacy: A Practical Guide to Managing Risk

Sep 19, 2007

PDF Slides PDF
Download: Video Icon MP4 Video Size: 406.3MB  
Watch on Youtube Watch on YouTube


Protecting valuable information assets, including personal data about employees, students, customers, and medical patients, is an enterprise-wide responsibility. Like all components of good corporate governance, it begins with senior leadership establishing a culture of awareness about the importance of safeguarding these assets, and extends through coordinated actions among all business units, divisions, and departments. When creating data privacy programs, organizations should align them with their strategic enterprise risk management objectives and follow a top-down approach to achieve the greatest benefit.

This presentation will focus on a practical approach to data privacy, that seeks to understand the business needs for data and align a data privacy protection program to those needs. Effective programs prevent companies from ending up in the news, disclosing a data loss, by enabling its employees to stay vigilant for situations where data may be at risk. Topics to be discussed include:

* The Goals of an Effective Data Privacy Program
* Current Data Privacy Landscape
* Common Privacy Program Pitfalls
* Key Components of a Successful Data Privacy Program
* The Top Down Data Privacy Risk Assessment
* Data Privacy Roles and Responsibilities
* High Level Roadmap and Ideas to Consider for Future Strategy

About the Speaker

Jill Frisby is a Manager in the Risk Consulting Practice with a specialty in the area of Information Security and Data Privacy. She has been the keynote presenter on Information Security for several regulatory agencies, banking associations, and industry roundtables.

Jill has become an industry thought leader in the area of the Data Privacy, developing Crowe Chizek's full suite of services to help ensure initial and continuing protection and compliance. She designed a web-based tool for the facilitation of Information Systems Risk Assessments, and has helped major companies and government organizations remedy significant deficiencies in safeguarding consumer information. Jill's research and methodologies were been published in Bank Accounting and Finance in a whitepaper explaining "A Five-Step Plan for Comprehensive Information Security and Privacy" (June 2004 issue).

In addition, Jill has been featured in 5 major newspapers and on three network evening television broadcasts related to her research in the area of Wireless LAN Security. These media publications were completed in conjunction with a Crowe Chizek research study, the goal of which was, upon investigation, to inform the public of the growing problems with Wireless LAN security and the ways to remedy these issues

Jill currently performs assessments in the areas of:

* Gramm Leach Bliley Act Compliance
* Information Security Policy and Standards Development
* Network Security Assessments
* Internal and External Penetration Assessments
* Information Systems General Controls Reviews

Jill is a Certified Information Systems Auditor, Certified Information Systems Security Professional, Microsoft Certified Systems Administrator with a Specialization in Security, a Project Management Professional and a CompTia Certified Security Professional. She is a graduate of the University of Illinois, where she majored in General Engineering and minored in Technology Management.

Ways to Watch


Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!