Chloe Biscoe Archive
ISO 27001 is the international standard for an ISMS (information security management system), a best-practice approach to security that helps organisations achieve all of their data privacy compliance objectives. If you are currently weighing up your options for ISO 27001 …
As part of your GDPR (General Data Protection Regulation) compliance project, you must be able to understand what personal data you process. Specifically, Article 30 states that you must “maintain a record of processing activities under responsibility”. To achieve …
Completing a risk assessment is often the most complex and difficult aspect of an ISO 27001 project. Whatever tool you decide to use in your project, it needs to take into account many elements, such as assets, threats, vulnerabilities and …
An ISO 27001 risk assessment is at the core of your organisation’s information security management system (ISMS). Those new to tackling this complex step may rely on using a manual, inexpensive solution such as spreadsheets, but there are many disadvantages …
As part of your EU General Data Protection Regulation (GDPR) compliance project, your organisation will need to understand what personal data it processes. You will likely choose data mapping as a way to meet these requirements. Key elements of data …
Data mapping will be a key part of your compliance project in the run-up to the EU General Data Protection Regulation (GDPR) compliance deadline of May 2018. The Regulation introduces numerous changes – and the change from complying with the …
Regulatory compliance requirements are becoming a significant issue for organisations, particularly in the field of information security. What is IT compliance? IT compliance is used to explain how an organisation manages its IT in order to comply with laws, regulations …
The EU General Data Protection Regulation (GDPR) is a new law that will supersede the Data Protection Directive 1995 (DPD) and all domestic laws based on it, such as the UK Data Protection Act 1998 (DPA). The GDPR aims to …
Understanding what personal information is being collected and processed is a fundamental component of any EU General Data Protection Regulation (GDPR) compliance programme. Without that understanding it will be difficult for any organisation to ensure that their data processing activities …
An ISO 27001 audit can be intimidating, especially if it is the first time that your information security management system (ISMS) has been audited. Producing accurate, concise and updated reports is an important part of your audit. Some reports are …