Chloe Biscoe Archive
As part of your GDPR (General Data Protection Regulation) compliance project, your organisation must understand what personal data it processes. To help you do this, you must create a data flow map. A data flow map shows how your organisation’s data and information …
Risk assessments are at the heart of ISO 27001, but they often have a reputation for being time-consuming and difficult. But how long should the risk assessment process take? The answer depends on which tool you use. Risk assessment tools …
ISO 27001 is the international standard for an ISMS (information security management system), a best-practice approach to security that helps organisations achieve all of their data privacy compliance objectives. If you are currently weighing up your options for ISO 27001 …
As part of your GDPR (General Data Protection Regulation) compliance project, you must be able to understand what personal data you process. Specifically, Article 30 states that you must “maintain a record of processing activities under responsibility”. To achieve …
An ISO 27001 risk assessment is at the core of your organisation’s information security management system (ISMS). Those new to tackling this complex step may rely on using a manual, inexpensive solution such as spreadsheets, but there are many disadvantages …
As part of your EU General Data Protection Regulation (GDPR) compliance project, your organisation will need to understand what personal data it processes. You will likely choose data mapping as a way to meet these requirements. Key elements of data …
Data mapping will be a key part of your compliance project in the run-up to the EU General Data Protection Regulation (GDPR) compliance deadline of May 2018. The Regulation introduces numerous changes – and the change from complying with the …
Regulatory compliance requirements are becoming a significant issue for organisations, particularly in the field of information security. What is IT compliance? IT compliance is used to explain how an organisation manages its IT in order to comply with laws, regulations …
The EU General Data Protection Regulation (GDPR) is a new law that will supersede the Data Protection Directive 1995 (DPD) and all domestic laws based on it, such as the UK Data Protection Act 1998 (DPA). The GDPR aims to …
Understanding what personal information is being collected and processed is a fundamental component of any EU General Data Protection Regulation (GDPR) compliance programme. Without that understanding it will be difficult for any organisation to ensure that their data processing activities …
