Required by the GDPR for organizations that process personal data at scale - Responsible for ensuring organizational compliance with data protection law - Requires knowledge of data protection regulation, risk assessment, and organizational management - Growing demand: every major company operating