Alexandra Tsvetkova is a Guest Speaker at the IX Professional Meeting of Internal Auditors 'Internal Audit Gapped between Ethics and Regulation', Sofia

IIA Bulgaria is the exclusive representative of the International Institute of Internal Auditors (The IIA Inc.) in the Republic of Bulgaria. IIA Bulgaria is established in June 2003 and up to now it has more than 500 members – professionals in the fields of internal audit, financial control and risk management.

One of the main goals of the organization is to encourage and support the development of internal audit and control in Bulgaria, including by organizing events on up-to-date professional issues and specific topics. One of these events is the Professional Meeting of Internal Auditors and its ninth edition was held on 21-22.06.2018 in Sofia. Over 150 internal auditors and other stakeholders took part in it.

Alexandra Tsvetkova, Director of LIBRe Foundation, was invited to present on 'The Lifecycle of Data in the Mirror of Transparency: Where the Boundaries for GDPR Compliance Lay?' (45 min). Transparency throughout the data processing cycle is an indispensable part of the application of data processing principles and is an obligation under the General Data Protection Regulation of paramount importance. The session examined the feasibility of transparency as an overarching obligation under the GDPR with respect to: (1) provision of information to data subjects related to fair processing; (2) how data controllers communicate with data subjects in relation to their rights under the GDPR; and (3) how data controllers facilitate the exercise by data subjects of their rights. Through numerous examples and case studies, Ms. Tsvetkova presented each of the elements of transparency and how they should be seen as an integral part of the internal audit of organizations for compliance with the Regulation. The session was supplemented with the specific requirements for development of systems of connected and portable devices and the interlink between the transparency requirement and privacy-by-design principle.

Applied Research