Standards Comparison

    K-PIPA

    Mandatory
    2011

    South Korea's stringent regulation for personal data protection

    VS

    PMBOK

    Voluntary
    2021

    Global standard for project management practices.

    Quick Verdict

    K-PIPA mandates strict data privacy for Korean operations with heavy fines, while PMBOK provides voluntary project management best practices for global delivery success. Companies adopt K-PIPA for legal compliance, PMBOK for predictable outcomes and efficiency.

    Data Privacy

    K-PIPA

    Personal Information Protection Act

    Cost: €€€€
    Complexity: Medium
    Implementation Time: 18-24 months

    Project Management

    PMBOK

    Project Management Body of Knowledge (PMBOK® Guide)

    Cost: €€€€
    Complexity: High
    Implementation Time: 12-18 months

    Key Features

    • Principles and performance domains framework
    • Tailoring for project size and delivery method
    • Hybrid predictive-agile process guidance
    • Earned Value Management for performance tracking
    • Phased implementation with pilots and audits

    Detailed Analysis

    A comprehensive look at the specific requirements, scope, and impact of each standard.

    K-PIPA Details

    What It Is

    K-PIPA, or Personal Information Protection Act, is South Korea's comprehensive data protection regulation enacted in 2011 with major amendments in 2020, 2023, and 2024. It governs collection, use, storage, transfer, and destruction of personal information, including sensitive data and unique identifiers, applying to all data handlers domestically and extraterritorially to foreign entities targeting Korean residents. Its consent-centric, risk-based approach emphasizes transparency, minimization, and accountability.

    Key Components

    • Core principles: transparency, purpose limitation, data minimization, explicit consent.
    • Obligations: mandatory CPOs, security measures (encryption, access controls), data subject rights (access, erasure, portability within 10 days).
    • Breach response: 72-hour notifications; cross-border transfers via consent or certifications.
    • Enforcement by PIPC with fines up to 3% of revenue. No formal certification, but ISMS-P aids compliance.

    Why Organizations Use It

    Legal mandate avoids hefty fines (e.g., Google's $50M); builds trust in privacy-sensitive market; enables EU adequacy for data flows; mitigates risks from breaches and litigation.

    Implementation Overview

    Phased approach: gap analysis, CPO appointment, data mapping, PbD integration, training, audits. Applies to all sizes/industries processing Korean data; no certification but PIPC guidelines and audits required.

    PMBOK Details

    What It Is

    The Project Management Body of Knowledge (PMBOK® Guide), authored by the Project Management Institute (PMI), is a global framework and standard for project management. Its primary purpose is to codify principles, performance domains, processes, and practices for delivering value through projects. The Eighth Edition emphasizes a principles- and domains-based approach with tailoring for predictive, agile, or hybrid methods.

    Key Components

    • Six Core Principles: Holistic view, value focus, quality, accountable leadership, sustainability, empowered teams.
    • Seven Performance Domains: Governance, scope, schedule, finance, stakeholders, resources, risk.
    • Legacy elements: 5 Process Groups and 10 Knowledge Areas.
    • Non-prescriptive processes, tools like Earned Value Management (EVM), and tailoring guidelines; supports PMP® certification.

    Why Organizations Use It

    • Drives predictability, reduces overruns, aligns projects to strategy.
    • Mitigates contractual, audit, reputational risks.
    • Enables hybrid agility, competitive differentiation, stakeholder trust.

    Implementation Overview

    Phased framework: alignment, gap analysis, design, training, pilot, rollout, improvement. Suits all sizes/industries; 12-24 months for enterprises. No mandatory certification but PMI credentials common.

    Key Differences

    Scope
    K-PIPA: Personal data protection and privacy
    PMBOK: Project management principles and processes

    Industry
    K-PIPA: All sectors handling Korean data
    PMBOK: All industries delivering projects

    Nature
    K-PIPA: Mandatory national regulation
    PMBOK: Voluntary global standard

    Testing
    K-PIPA: PIPC audits and breach reporting
    PMBOK: Internal audits and maturity assessments

    Penalties
    K-PIPA: Fines up to 3% revenue, imprisonment
    PMBOK: No legal penalties, certification loss
