Privacy: What's The CIO Got To Do With It?

Cooperation between the CIO and the CPO is a recipe for a successful privacy initiative, says Michelle Dennedy, chief privacy officer at Sun Microsystems. Lack of cooperation is a recipe for... well, you know.

John Soat, Contributor

October 4, 2007

2 Min Read

Cooperation between the CIO and the CPO is a recipe for a successful privacy initiative, says Michelle Dennedy, chief privacy officer at Sun Microsystems. Lack of cooperation is a recipe for... well, you know."A lot of CPOs are struggling with -- what is privacy? How does this work?" says Dennedy, who became Sun's chief privacy officer four years ago. Dennedy divides her work into four quadrants: (1) compliance with the company's privacy policy as it relates to employees; (2) privacy compliance as it relates to customers; (3) compliance as it relates to Sun's products and services; and (4) "Talking with people around the world about privacy issues."

Dennedy's Chief Privacy Office is a four-person operation (including herself), but Sun also has a company-wide Privacy Council made up of about 80 business unit representatives. "Anyone who owns a stake in information [at Sun] owns a stake in the Privacy Council," she says.

Dennedy works most closely with Sun's CIO, Bob Worrell, and the company's chief information security officer, Leslie Lambert. Those three, along with the company's chief compliance officer ("who owns our business conduct rules") and an internal audit executive make up what Dennedy refers to as "an ad hoc governance group," in particular in relation to the application of IT systems within Sun.

Keeping track of those systems, and the information they represent concerning both employees and customers, is the most daunting part of her job. "My challenge is to look at the data going through the pipes," she says.

That's why cooperation between herself and the CISO, and their relationship with the CIO, are critical to making the privacy effort real. "Relationships in this area are just key," she says. "Especially if you have a small team and don't have a key to turn off the machines that are doing the damage, You need to have access to the person who does," Dennedy says.

Dennedy authored a whitepaper on the subject called "The CIO And The CPO -- A Vision For Teamwork And Success," which you can find here.

Read more about:

20072007

About the Author(s)

John Soat

John Soat

Contributor

See more from John Soat
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Bald eagles, eagle in flight.
Cyber Resilience
9 Ways CISOs Can Stay Ahead of Bad Actors9 Ways CISOs Can Stay Ahead of Bad Actors
byLisa Morgan
Jul 24, 2024
9 Slides
Binary code concept pattern and big data structure.Net and source code.Abstract background of technology, science and cloud computer.
Data Management
How Much Data Is Too Much for Organizations to Derive Value?How Much Data Is Too Much for Organizations to Derive Value?
byCarrie Pallardy
Jul 22, 2024
11 Min Read
CrowdStrike Holdings, Inc. logo is displayed on a smartphone screen.
Cyber Resilience
CrowdStrike Aftermath: Lessons Learned for Future RecoveryCrowdStrike Aftermath: Lessons Learned for Future Recovery
byJoao-Pierre S. Ruth
Jul 24, 2024
6 Min Read
Calculator displaying the text "SALARY" on top of $100 bills.
IT Leadership
2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI2024 InformationWeek US IT Salary Report
byInformationWeek Staff
Jun 4, 2024
1 Min Read
Digital Security and Threat of a System
IT Leadership
11 Ways Cybersecurity Threats are Evolving11 Ways Cybersecurity Threats are Evolving
byLisa Morgan
Jun 13, 2024
11 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports