IT Governance, the single-source provider of cyber security and privacy management solutions, has launched a consultancy and training service offering for BS 10012, the British standard for a PIMS (personal information management system). The service has been specifically developed to help organisations demonstrate compliance with data privacy management elements of the EU GDPR (General Data Protection Regulation) and other data protection laws.
is regarded as the best-practice standard for personal data management and provides the specification for implementing a PIMS. The Standard provides a framework to implement security controls, policies and procedures to help manage risks to personal data in line with GDPR requirements.
Alan Calder, founder and executive chairman of IT Governance, said: “Having had more than 15 years of practical experience working on management system standards and implementations, we are pleased to be the first company in the world to achieve accredited certification to BS 10012. This has been made possible by integrating the PIMS into our ISMS (information security management system), demonstrating that we follow a best-practice approach to privacy, cyber security and GDPR compliance.
“Integrating a BS 10012 PIMS with an ISO 27001-compliant ISMS and obtaining certification is of paramount importance to organisations wishing to provide the necessary assurance to their stakeholders, including the board and their clients, about the efficacy of their data privacy practices.”
The ICO (Information Commissioner’s Office) suggests that certification could help organisations demonstrate compliance with the GDPR and “also help demonstrate data protection in a practical way to businesses, individuals and regulators. Your customers can use certification as a means to quickly assess the level of data protection of your particular product or service”.
IT Governance will soon be delivering BS 10012 Lead Implementer and Lead Auditor training courses, designed to help those responsible for implementing a PIMS with its setup and implementation, as well as preparing them for the certification audit.
Professionals looking to understand the key requirements and benefits of implementing a BS 10012-compliant PIMS can get further guidance by downloading IT Governance’s free green paper: BS 10012:2017 – An introduction to implementing a personal information management system (PIMS)
For more information about IT Governance’s BS 10012 consultancy services, please visit the website,
or call +44 (0)333 800 7000