18 - 20 December, 2017

Data Privacy: a practical approach

6th ISACA Athens Chapter Conference

ISACA Athens Past Events &



Whether you are the CEO, CIO, CISO, or working in IT, IT Audit or operational functions, you face a number of great challenges driven from the digital transformation. These challenges have now become a top priority and responsibility: protecting data, comply with new regulations, manage IT risk of digital transformation, managing and controlling your company’s exposure to the cloud.

This is only going to become even more challenging with the emergence of artificial intelligence (AI), machine learning and the internet of things (IoT).

On our sixth bi-annual chapter conference and workshop, we are going to address emerging trends in regulation, business models and technology in a practical manner and in some detail.

More information about the agenda, speakers and workshop will be announced shortly.


Conference Topics

  • Data privacy. EU’s looming General Data Protection Regulation (GDPR) will go directly into law for all countries within the EU by May 25, 2018. Let’s get a practical approach to what should be done to comply with the new Regulation
  • Digital transformation. Digital transformation projects require new business models, new skill and potentially re-engineering operating models. They require the right mix of governance and controls to be in place in terms of digital strategy, data privacy requirements and of course digital security.
  • Cloud control. There are a number of risks associated with this significant strategic and organizational change. Data sovereignty is very important. Provider downtime, deleting data off the cloud, getting data back in-house these are also valid concerns too.


Keynote Speakers

  • Yves Le Roux, CISM®, CISSP, ISACA Privacy Guidance Task Force Chair
  • Dr. Marc Vael, Security, Privacy & IT Audit Executive
  • Bruno Horta Soares, CISA®, CGEIT®, CRISC™, PMP®, ISACA Lisbon Chapter,  Executive Senior Advisor IDC Portugal
  • Mina Zoulovits, Digital Transformation and Privacy Law Expert, Member of the Multistakeholder Expert Group of the EE for the monitoring of the implementation of the GDPR

Conference Chairman: Dr. Costas Lambrinoudakis, Professor, Head, Department of Digital Systems, University of Piraeus, Board Member, Hellenic Data Protection Authority 


Data Privacy Workshop

A practical approach for IT implementation and compliance

19-20 December 2017, Hellenic American Union

Explore through best practices driven from ISACA’s guidelines and applied projects throughout Europe, what the IT Security, Audit, IT Assurance and Risk professional should know to comply with the new GDPR EU regulation.

Workshop instructors:  Elena Spiropoulou, Accredited Mediator (Legal Session),  Yves Le Roux, Chair of the ISACA Privace Task Force (Technical Session)



Registrations will open on October 25, 2017

Registration Fees





Students (full time)

& Unemployed

Corporate Registrations

(>2 participants)

18 December 2017
Conference only*





18-20 December 2017
Conference and Workshop





*VAT 24% applies on conference fee only.

  • Registration to workshop track grants free entrance to Conference.
  • Workshops are VAT exempt.
  • Workshops are sponsored by the 0,24 OAED-LAEK subsidy program (for company-registrations only). In order to guarantee a place on the conference and workshop, delegates are kindly requested to register at least 15 working days prior to the event.

Yves Le Roux, Chair of ISACA Privacy Task Force, Board Member of the ISACA French Chapter, Chair of the (ISC)2 EMEA Advisory council.

After his graduation from Paris University in 1970, Yves LE ROUX worked in the Rothschild Group where, among others tasks, he was in charge of the network security and other security related issues. In 1981, he joined the French Ministry of Industry where he was in charge of the Open Systems Standardization programs.
In 1986, he took the position of European Information Security Manager at Digital Equipment. Then, he joined the security research and development team. In 1999, he went to Entrust Technologies, PKI software editor. In 2003, Yves joined Computer Associates Int. as a Technology Strategist. In April 2017, he retires from CA Technologies

He has co-authored three books on security. He is a lecturer at ISEP (Paris Graduate Engineering School) and spoke in many conferences (e.g., EUROCACS/ISRM 2015, SEMAFOR 2015 , (ISC)² EMEA Congress 2015, (ISC)² Benelux, DACH and Dubai SecureSummits 2017).

Dr. Marc Vael, Security, Privacy & IT Audit Executive, ESKO, President of the ISACA Belgium Chapter


Bruno Horta Soares, CISA®, CGEIT®, CRISC™, PMP®, Founder and President ISACA Lisbon Chapter, Executive Senior Advisor IDC Portugal

He has a 5 years degree in Management and Computer Science and more than 15 years of Information Systems professional services experience, particularly in areas related with Governance, Risk, Control, Audit, Information Security & Privacy and Digital Transformation. Started his career at Deloitte Consulting, worked for Information Risk Management area at KPMG and for Enterprise Risk Services area at Deloitte Portugal. In 2012 he found GOVaaS - Governance Advisors as-a-service, where he is currently Senior Advisor, and since then devoted enthusiastically to advising, teaching and training professional and Organizations in Portugal, Angola, Brazil and Mozambique. Currently actively collaborates with an ecosystem of local and international partners, particularly IDC Portugal where since 2015 he is IT Executive Senior Advisor for Digital Transformation, Governance, Strategy and Security.

He’s advisor and visiting professor at different business and engineering universities in Portugal, Angola and Brasil, founding President of the ISACA Lisbon Chapter, member of several professional associations and keynote speaker at various conferences and seminars.

Mina Zoulovits, Digital Transformation and Privacy Law Expert, Member of the Multistakeholder Expert Group of the EE for the monitoring of the implementation of the GDPR.

Mina is an expert with vast experience in consulting on legal issues related to Digital Transformation of private companies, as well as the public sector and deals with complex strategic legal matters for a series of clients from diverse market fields like cosmetics, tobacco, fashion industry, petroleum, transportation, electric equipments, Platforms, Applications, Physical Archiving etc.

She has vast expertise in the area of data protection and privacy law for more than 15 years ranging from compliance assessments, strategic decision making, implementation of procedures, drafting of key legal documents (Notifications to DPAs, privacy notices to data subjects, consent forms, data processing agreements, data transfer agreements, BCRs, standard contractual clauses, Privacy Policies, Employees Privacy Data Policies etc) to incident handling as well as representing clients in hearings before the local DPA.

At the same time, Mina has consulted the local government on e-government related issues that include complicated issues of security, privacy, digital signature and dematerialization of administration documents. She was a member in the law making committees for the implementation of Directives 2011/83/EU and 2013/11/EU as well as in the drafting of the Consumer Code for Distance Sales and the amendment of law 2251/1994 on consumer protection.

She has also participated in many EU funded legal projects that include the assessment of the implementation of diverse  EU Directives, the drafting of road maps for future actions and the proposal for amendments to the Commission. Among other key legal issues, those projects inlcluded analytical work on data protection requirements both from a market and from a governance related perspective. Mina is also a frequent evaluator and reviewer of Horizon 2020 and CEF Telecom Projects as well as member of stakeholders groups of the Commission.

Conference Chairman:

Dr. Costas Lambrinoudakis, Professor, Head, Department of Digital Systems, University of Piraeus, Board Member, Hellenic Data Protection Authority

Dr. Costas Lambrinoudakis holds a B.Sc. (Electrical and Electronic Engineering) from the University of Salford (1985), an M.Sc. (Control Systems) from the University of London (Imperial College -1986), and a Ph.D. (Computer Science) from the University of London (Queen Mary and Westfield College - 1991). Currently he is a Professor at the Department of Digital Systems, University of Piraeus, Greece. From 1998 until 2009 he has held teaching position with the University of the Aegean, Department of Information and Communication Systems Engineering, Greece. 

For the period 2012-2015 he was a member of the board of the Hellenic Authority for Communication Security and Privacy, while from 2016 he serves on the board of the Hellenic Data Protection Authority. Finally from 2015 he is Head of the Department of Digital Systems and Director of the Systems Security Lab.  His current research interests are in the areas of Information and Communication Systems Security and of Privacy Enhancing Technologies. For many years he is working on issues related to the protection of personal data and the compliance of information systems to the National and European Legislation. He is an author of more than 100 scientific publications in refereed international journals, books and conferences, most of them on ICT security and privacy protection issues




CONFERENCE: 18 December 2017

Benaki Museum - 138 Pireos Av. 08.00-18.00

WORKSHOP: 19 & 20 December 2017

Hellenic American Union – 22 Massalias St. 09.00-17.00