Step 1. Talk To Your Board

1. Talk to your Board – GDPR consultant 12 step guide to GDPR compliance

To get the board on board, you will need to clearly communicate:

  • What GDPR means to your organisation

  • Why they should care about it

  • How the organisation will respond to it and how you will manage it

  • What you need from them to make it happen

Be as positive, engaging and solution-focused as you can. Do not look to the board to fix your problems, instead tell them how you are going to tackle issues before they become a problem, and the support you need from them to do so. It is essential that you express this is a business benefit, which will safeguard and strengthen your organisation’s reputation. Avoid legal, technical and theoretical language and remember to focus on what matters most to the board. When talking about the big fines associated with a breach of GDPR, be sure to focus on relevance and efficacy.

Lets break it down …

In this way, you are breaking down the threats associated with non-compliance to enable them to understand how the broad threat is relevant to them, and you are strengthening their belief that the organisation can deal with the GDPR requirements and that they can support this endeavour.

Do not be tempted to whip up some fear, uncertainty and doubt (FUD) to scare the seniors into listening to you. “Fear appeals” (the attempt to motivate people to behave in a certain way by arousing fear) have been used for decades and research shows that unless they are handled very carefully, this can massively backfire.

Appealing to people’s emotions as a way of changing behaviour, can often lead to your audience engaging with their emotions rather than the actual danger you are trying to convey. This can lead to denial (“hackers would not want my data”) or avoidance (“the internet is like the Wild West, so I won’t use it”) in response to your fear appeal. We frequently see this with people who have been subjected to cybersecurity FUD.

Senior executives operate at a strategic level and, if you want their support and engagement, you need to think strategically, too. Senior executives are also human and subject to the same psychological impulses and social norms as the rest of us. It is crucial to remember that how you communicate is as important as what you communicate.

 

STEP 2. RAISE AWARENESS »