The EU General Data Protection Regulation (GDPR) comes into effect next month, and states that organisations must adopt appropriate policies, procedures and processes to protect the personal data they hold.
Noncompliance can result in fines of up to €20 million or 4% of an organisation’s global annual turnover. Fortunately, ISO 27001, the international standard that describes best practice for implementing an information security management system (ISMS), can help you with your compliance project.
ISO 27001 provides an excellent starting point for achieving the technical and operational measures required by the GDPR to help mitigate data breaches.
Implementing a documented, ISO 27001-aligned ISMS can help your organisation achieve GDPR compliance, while providing unquestionable evidence that you have taken reasonable measures to address information security risks, which will be favourably looked upon by regulators.
Download this informative guide to GDPR compliance and its relation to ISO 27001 to discover:
- What a comprehensive data security regime looks like;
- What an ISMS is and how to go about implementing one;
- How achieving ISO 27001 certification can enable you to meet the GDPR’s technical and organisational requirements; and
- Useful guidance on how to effectively prepare for the GDPR.
The GDPR compliance deadline is 25 May 2018, and ignoring or failing to fully comply with the Regulation could be costly. Start your compliance journey here.