Chloe Biscoe Archive
Completing a risk assessment is often the most complex and difficult aspect of an ISO 27001 project. Whatever tool you decide to use in your project, it needs to take into account many elements, such as assets, threats, vulnerabilities and …
An ISO 27001 risk assessment is at the core of your organisation’s information security management system (ISMS). Those new to tackling this complex step may rely on using a manual, inexpensive solution such as spreadsheets, but there are many disadvantages …
As part of your EU General Data Protection Regulation (GDPR) compliance project, your organisation will need to understand what personal data it processes. You will likely choose data mapping as a way to meet these requirements. Key elements of data …
A risk treatment plan (RTP) is one of the mandatory reports that you will need to produce for your ISO 27001 information security management system (ISMS). What is a risk treatment plan? An RTP provides a summary of each of …
Data mapping will be a key part of your compliance project in the run-up to the EU General Data Protection Regulation (GDPR) compliance deadline of May 2018. The Regulation introduces numerous changes – and the change from complying with the …
Regulatory compliance requirements are becoming a significant issue for organisations, particularly in the field of information security. What is IT compliance? IT compliance is used to explain how an organisation manages its IT in order to comply with laws, regulations …
The EU General Data Protection Regulation (GDPR) is a new law that will supersede the Data Protection Directive 1995 (DPD) and all domestic laws based on it, such as the UK Data Protection Act 1998 (DPA). The GDPR aims to …
Understanding what personal information is being collected and processed is a fundamental component of any EU General Data Protection Regulation (GDPR) compliance programme. Without that understanding it will be difficult for any organisation to ensure that their data processing activities …
The EU General Data Protection Regulation (GDPR) is a new law that will harmonise data protection in the EU and will be enforced from 25 May 2018. The Regulation will apply to all organisations that process EU residents’ personal data, …
An ISO 27001 audit can be intimidating, especially if it is the first time that your information security management system (ISMS) has been audited. Producing accurate, concise and updated reports is an important part of your audit. Some reports are …
