Sara Magdalena Goldberger

• Analyze Transfer Impact Agreements, Binding Corporate Rules and Standard Contractual Clauses ensuring that the transfer mechanism is effectively guaranteeing an adequate level of data protection in the third country and is not undermined by the transfer in practice or local legislation.
• Work within the Cybersecurity function with a focus towards strengthening privacy controls within systems/applications deployed in the organization
• Liaise with business and project stakeholders to elicit, analyse, communicate and validate data privacy requirements as a result of changes to business processes and information systems.
• Collaborate with legal compliance team on DPIA for high risk processing activities
• Ensure privacy by design by liaising and collaborating with stakeholders 
• Analyse privacy gaps in projects/systems & applications and work with the technical project teams to bring them to closure
• Support Legal, Compliance, Information Security and the DPO in performing due diligence and contracting with new 3rd parties.

Global manufacturing company

• Managing Privacy transformation in a global digital transformation programme
• Ensuring global compliance across multiple jurisdictions regarding Data Subject Access, DSR
• Manage the Data Subject Access Request process

Global extraction and mining company 

• Set up and review compliance in relation to remediation of unstructured data, data at rest and data in motion 
• Provide guidance towards GRC risk within the wider GRC community
• Ensured close collaboration and awareness/oversight between DPO, CISO senior management, and respective stakeholders
• Identity and Access Management, IAM
• Ideate and strategize data remediation mechanisms and processes
  • Complete revision of the standard process - resulting in a streamlined process 
  • Established a Privacy Remediation Working Group
• Close collaboration with Global Privacy Office and Information Security team, to adapt to the requirements of a complex business environment with diverse expectations 
• Collaborate with Technical support and Offshore Operations team:
  • Day to day remediation operation review and updates
  • Assist in KPI management and reporting

Evaluated European Wide proposals in the range of EUR 2 - 5 million.

Subject: Digital Security and privacy for citizens and Small and Medium Enterprises and Micro Enterprises.

Global Private Bank

• Supporting a global private bank in Digital Transformation ensuring regulatory compliance. Automating Governance, Regulations, and Compliance (GRC) and privacy controls.
• Business analysis.
• Securing IT operations.
• Regulatory framework analysis: GDPR; CCPA, NIST, ISO27000, NIS Directive. Develop plans and controls for prevention, detection, response, and mitigation.
• Set in place global IT audit processes, and global GRC programme.

Working in the crossroads of regulations, legislations, technology, and change, analyze and understand complex Information Security issues (on technology, organizational, and process-level) and IS mitigating measures for those issues.

• Assess risks, using recognized sources of threat intelligence as well as risk impact assessments
• Assess complex cybersecurity programmes, covering people, physical, process, and technology aspects
  
• Advice on and, where required, manage the transformation and improvement of organizations’ cyber security programmes
  
• Advice on and implement performance management and assurance frameworks for cybersecurity
• Analyze business processes and set in place streamlined, safe and secure, business

Creating and executing change management and deployment strategies for multiple IT initiatives on a global basis.

Contributing to the design and development of change management and communication deliverables, including the case for change, stakeholder analysis, change impact assessment, communication strategy/plan, leadership action plan, training roadmap, etc.

Engaging key stakeholders to develop change management methods, tools, and templates for project teams, leveraging change management best practices and lessons learned

Planning and conduct change management activities along with executing business strategies.

Customizing and create efficient tools and outputs and deliverables to drive awareness, progress, and success of the initiative.

Achievements:

• Change communications around new global service desk & Windows10 migration
  • Video - 11 languages
  • SharePoint site
  • branding
  • emails to all staff - 30 languages
  • training, internal articles
  • management presentations
  • quick start guide

Setting in place a compliance programme of various business units and departments as outlined in the GDPR regulation.

• GDPR Business analysis and Process development 
• GDPR Communications 
• Day — to — Day advice on GDPR related matters
• Risk management 
• Rewrite cookie policy of UO's donor relations
  
• Process re-engineering 
• Stakeholder management 
• Website development 
  • topology
  • content development
• Contract review and update concerning data transfers — national and international
• Review and update Records of Processing Activities for the University of Oxford donor relations
• Responsible for delivery of Marketing Consent Management; Data Retention - Discovery; Cookies
• Responsible for supporting the design/implementation of all amended business processes
• Supported training and testing processes as required
• Responsible for University and Collegiate wide quality control of all donor relations: forms, emails, web pages...

Defined and communicated information management architectures, road-maps, and patterns that support adherence and compliance to GDPR and BCR principles. My intervention helped Heineken shorten its internal sales process from 10 days to 1 hour. It also completely digitialised the process. 

Based on system analysis, I communicated technical standards and guidelines of cross-functional solutions like ERP, MDM, and BI applications. 

Achievements:

• create change road-maps and data architectures
• minimize resistance and speed up adoption
• streamlined and shortened internal sales process, from 10 days to 1 hour.
• produced slim-lined sales and marketing process
• stakeholder & project management
• budgeting
• timing
• train and educate managers
• GDPR project responsible

Responsible for the global launch of employee portal based on SharePoint. Aims to simplify collaboration and productivity. Shell employees will receive a superior work environment. Change from a 10 year IT environment to state-of-the-art technology. Global matrix organization. 

• Global IT Change Communications  - launching a global SharePoint portal
• Change impact analysis
• Solving identified risks either through personal intervention or via technical specialist intervention
• Stakeholder management of a global and diverse large group of stakeholders numbering 10.000 plus
• Creating communications, training and engagement packs
• Setting in place the corporate SharePoint topology
• Business Readiness 
  • Ensuring that IT is ready to deliver
  • Ensuring that all stakeholders are ready for the change
  • Ensuring project delivery

Cyber Rescue Alliance is a business assistance alliance. We help our Members reduce the harm caused by cyber-attacks. We help Members respond to the shock of a successful cyberattack, to:

• Make decisions that reduce damages, rather than exacerbate them

• Select pre-qualified providers, rather than scramble to find specialist responders

• Leverage our pre-agreed contracts, rather than be distressed buyers

• Continue with their core business, rather than be swamped by attack response

• Business development

Achievements:

• Established the Organisation as a Thought leader on Social Media
• Creation and distribution of digital content
• Public and Media Relations - the organization is now considered a thought leader in its area

Global change communications manager on a project to minimise the number of applications within Novartis. The project is also responsible for server virtualisation and minimising the number of server halls around the globe.

Achievements

• Set in place processes for global change communications. The first time this global programme has a process that supports the programme and project managers in their work, it enhances the quality of communications that leave the programmes.
• Developed change management processes
• Identified and set in place sign-off process, timing and decision-makers in the organisation. 
• Trained managers and users in this process and its tools
• Developed a set of questions which helps the programme managers to identify which tool and channels to use for which message and how messages can be curated across channels and tools. 

Responsible for integrated communications plan covering employee engagement and communications, outreach, media relations, etc. Work areas are IT management, Data and Analytics, Executive CIO Communications.

• Developing and coordinating integrated, forward-looking internal/external strategic communications plan, working closely with Marketing & Communications colleagues, agreeing on clear RACIs (roles & responsibilities) for all activities, focusing on business outcomes

• Working directly with Chief Operations & Technology Officer and the GOT Leadership Team to support the delivery of strategic priorities, prioritized business projects/initiatives

• Relationship and stakeholder management and strategic business partnering to identify and prioritize communication needs and requirements within the functions; prioritize and meet  communication needs with limited, shared resources

• Working with Employee Communications to ensure resource support, collaborating closely with and across Centers of Expertise and services experts

• Lead 5 Communications Business Partners

• Sit on the GOT Leadership Team, Corporate Board -2

Responsible for legislative and policy development within IT,  justice and home affairs, and Cybersecurity.

• Draft legislative amendments

• Analyze legislative proposals

• Secured speaking engagements for Member of Parliament

• Secured a recurring column in the international press on "The Digital Citizen"

• Curate column into events in Brussels and Sweden in co-operation with  world's largest PR agency, Edelman

• Interact with policy media commentators and journalists

• Lecturer for Erasmus University College on Corporate Communications and Public Affairs

• Support the VP of International Relations to formulate global integrated communications
• Developed a  global ThinkThank on Smart Cities
• Identify, select and manage strategic partners, agencies, and external resources
• Liaise with internal stakeholders to ensure execution and integration of programmes and strategies

• Support Head of Communications to formulate global change communications
• Select and manage agencies and resources of the communications team to ensure that the most appropriate and efficient measures are available to Philips IT
• Liaise with other communications managers within Philips IT to ensure integrations of programmes and strategies
• Co-ordinate planning and budget
• Co-ordinate content creation for online information

• Develop integrated  PR and communication strategies and measures, campaigns, and tactics to identified organizational objectives
• Identify strategic partners
• Identify, pitch, and lead story development
• Manage day-to-day relationships with industry, press, and opinion leaders
• Work with human resources executives to create and implement effective internal communications
• Review agency performance and negotiate new contracts where necessary
• Manage the organisation’s Intranet and public website

Political Science, Communications, Public Affairs

Master of Science International Corporate Communications