Considering these definitions:

- Compliance officer: professionally responsible for ensuring that all requirements (e.g., statutory, legal, contractual), internal and external, are fulfilled.
- Data Protection Officer: professionally responsible for the protection of data.
- Chief Information Security Officer: a senior-level executive responsible for an organization's information and data security.

In this scenario, the compliance officer has a broader scope of work. He has to work with ALL internal and external requirements (information security requirements are only part of the business).
The DPO and CISO work more closely but from different points of view. While the DPO's focus is to ensure data is protected, the CISO must also balance the need for data protection with business objectives, strategies, and available resources.