Our client for this engagement is an innovative, data driven business which markets a range of SaaS products involving consumer personal information.


The International Association of Privacy Professionals (IAPP) estimates that some 70,000 data protection officers (or Chief Privacy Officers as they’re called in Australia) will be needed within the next few years globally, to meet changing regulatory expectations.   The reality is that talent in this field is scarce, and not every business has the commercial appetite to bring this role in-house.

Our role 

Through our CPO as a Service offering we placed an experienced privacy leader in this company on a monthly retainer.   The client was able to use this resource to establish some of the policies and procedures it needed and could also call on their outsourced CPO to fight fires as needed.  This allowed our client access to the skills that they were unable to find or afford, to uplift their privacy framework and navigate privacy risks.

The specifics

The CPO carried out the following activities:

  • Educated operational and leadership personnel on privacy risk and controls
  • Helped the company to articulate a two-year road map to uplift its privacy capability
  • Drafted policies and procedures
  • Managed privacy issues as they arose