Nov 2025 PDM – How to Set Up and Operationalize a Data Privacy Office for a Bank
November 8 @ 6:00 pm IST - 8:00 pm IST
Program Details
(Please note the change from the usual timing)
Date: Saturday, November 8, 2025
Mode: Physical | Supports ❤️ our Focus Area - Reviving In-person Connections
CPE: 2 Hours
Venue: Hotel Maris, 11, Cathedral Rd, Parthasarathypuram, Gopalapuram, Chennai, Tamil Nadu 600086
Event Start time: 18:00 (6 PM IST) (Please note the change from the usual timing)
Agenda
18:00 - 18:30: High tea, Registration and Networking 18:30 - 18:33: Welcome by ISACA Chennai Chapter Director Programs 18:33 – 18:40: Chapter Updates & Speaker Introduction 18:40 - 19:50: Session on how to set up and operationalize a Data Privacy Office for a Bank by Mr. Solomon Sagayaraj 19:50 - 20:00: Questions and Closure comments
Description and Session Objectives 🎯
- To understand and apply a practical, governance-led approach to setting up and operationalizing a Data Privacy Office in a banking environment — integrating regulatory compliance, business alignment, and continuous assurance.
- Participants will learn a practical, step-by-step approach to operationalizing privacy — starting from a Privacy Gap Assessment and progressing through Identifying Business Processes & Data Sources, Harvesting Personal Data Inventory, RoPA creation, DPIA execution, Vendor Governance, and Continuous Monitoring.
- The session aligns with Generally Accepted Privacy Practices [GAPP], India’s DPDP Act, RBI Circulars, ISO/IEC 29100 Privacy Framework, and ISO/IEC 27701, showing how privacy can be embedded across banking processes such as KYC, Automated Credit Scoring, and Loan Disbursement, etc.
Key Learnings and Takeaways
- Clear model for establishing a Privacy Office aligned with GAPP, DPDP, RBI Circulars & ISO standards.
- Practical understanding of linking Business Processes → Personal and Sensitive Data → Privacy Obligation.
- Gain clarity on implementing RoPA, DPIA, and Data Protection Agreements (DPA).
- Walkthrough the Privacy Operations Lifecycle [Gap Assessment → RoPA → DPIA → DPA → Monitoring → Audit]
- See how to extend privacy controls to Vendors and Cross-Border Data Flows.
- Visualize a 30-60-90-day roadmap to achieve operational privacy maturity
Speaker Profile
Mr. Solomon Sagayaraj John Michael
Solomon is a seasoned Cyber Security Executive with over 30 years of experience in consulting and operations covering Cyber Security Strategy, Data Governance, Data Privacy, Data Protection, Identity Access Management, and Business Resilience. His extensive career has been marked by leadership roles in major banks and financial institutions.
Solomon has held leadership positions in the Information Security Departments for Qatar Islamic Bank, Commercial Bank of Qatar and Accenture Services. Solomon has invested most of his career in the Banking & Financial Services Industry covering organizations – Qatar Islamic Bank, Commercial Bank of Qatar, Bank of New York Mellon and Standard & Chartered Bank, etc.
Solomon holds an MBA and has earned multiple certifications, which include:
- CISA
- CISM
- CGEIT – Rank Holder
- CRISC – Rank Holder
- CDPSE
- ISO/IEC 42001:2023 AIMS Lead Auditor Certification
- AI Governance Professional [AIGP] – Trained [IAPP Authorised Training]
- Securiti OEM Authorised Education: (i) AI Security & Governance Certified (ii) PrivacyOps Academy Certified (iii) Data Security Posture Management Fundamentals Certified
Solomon currently leads the Research Group for ISACA Chennai Chapter and guiding over 30+ certified professionals for a series of research on AI and Privacy.
Solomon was the former SIG lead for the ISACA HQ Award-winning Special Interest Group (SIG) for Data Privacy & Protection from 2024-25 in ISACA Chennai Chapter.
Solomon is a recognized trainer for CISA, CISM, CGEIT and CRISC review courses conducted by the ISACA Chennai Chapter.
Solomon has contributed to professional teaching and knowledge sharing sessions at renowned institutions – University of Madras [Department of Criminology], Bharathidasan Institute of Management [BIM], ISC2 – Chennai Chapter and Loyola Institute of Business Administration [LIBA].
He is professionally associated with IAPP [International Association of Privacy Professionals, USA] and DAMA [Data Management Association, Ontario, Canada]
Registrations will commence at 5 PM on Nov 5, 2025
