Tech Connect Live 30th May 2018, GDPR Summit, Sharon O' Reilly
Events2018
How ISO 27001 can assist with your GDPR compliance
1.
How ISO 27001 can assist with your GDPR compliance
GDPR Summit
May 30th 2018
Sharon O' Reilly
IT Governance Ltd
www.itgovernance.co.uk
2.
Introduction: Speaker Background
– GRC/GDPR Consultant Ireland – IT Governance
– Certified Data Protection Practitioner and Practitioner Course Trainer
– Certified Trainer: Data Protection, Information Security, Management Systems
– Certified ISO 27001 Lead Auditor and Lead Implementer
– 16 years' experience as a consultant to Irish Industry
– Specialising in ISO 27001, Data Protection, PCI DSS consultancy
– Have consulted to organisations across multiple sectors
– Experienced auditor and compliance systems implementer and contract manager
– Engaged by clients to audit key suppliers and act as lead for external certification and client audits
– BSc and MSc Analytical Science
– 10 years' experience in the pharmaceutical regulatory and compliance areas
© IT Governance Ltd 2018
3.
Overview
The GDPR is with us as of Friday 25th May, but it is widely acknowledged that there is much still to be done to achieve compliance. The purpose of this presentation is to explain clearly and simply how ISO 27001 can help you in your quest to achieve and maintain GDPR compliance.
4.
Overview
GDPR: EU General Data Protection Regulation. This Regulation needs to be considered alongside the new Irish Data Protection Act, which was signed into law on Thursday 24th May 2018.
ISO 27001:2013: Information Security Management Systems Standard (current version issued in 2013). It is the international gold standard in the information security management sphere.
5.
Overview
But what has ISO 27001 got to do with GDPR compliance????
Quite a lot actually…
6.
GOOD NEWS!!
Many organisations have been struggling with their GDPR compliance programmes… why is there no standard we can use???
There is… ISO 27001 is all about creating robust and practical information security management systems and creating a culture of security. While this does not cover all aspects of GDPR compliance it does cover many key areas.
7.
Overview
GDPR compliance is a legal necessity. Information Security Management is a business essential. Put them together and you have a very valuable framework which will allow you to manage GDPR compliance going forward and maintain best practice in information security.
8.
Overview
GDPR
ISO 27001
Robust and sustainable data governance framework
9.
ISO 27001 and GDPR
KEY REQUIREMENTS                              GDPR   ISO 27001
Risk-based approach                           √      √
Systematic approach to information security   √      √
Data Processing Principles 4 - 6              √      √
Accountability                                √      √
Security of Processing                        √      √
Continual Improvement                         √      √
10.
RISK-BASED APPROACH
The GDPR requires organisations to adopt appropriate policies, procedures and processes to protect the personal data they hold. This involves taking a risk-based approach to data protection and building a workplace culture of data privacy and security.
11.
SYSTEMATIC APPROACH TO INFORMATION SECURITY
ISO 27001 provides exactly that – a systematic approach to information security management with mandatory systems or processes which “manage/control the controls”. It is a management systems standard.
12.
GDPR PRINCIPLES OF PROCESSING
• (1) Processed lawfully, fairly and in a transparent manner
• (2) Collected for specified, explicit and legitimate purposes
• (3) Adequate, relevant and limited to what is necessary
• (4) Accurate and, where necessary, kept up to date (ISO 27001)
• (5) Retained only for as long as necessary (ISO 27001)
• (6) Processed in an appropriate manner to maintain security (ISO 27001)
Accountability
13.
ACCOUNTABILITY
The GDPR introduces a new principle: that of accountability. The GDPR requires that your organisation can demonstrate compliance with all the principles. So, your organisation needs to build such a culture and to be able to demonstrate accountability.
14.
ACCOUNTABILITY
An ISMS (Information Security Management System) produces records to demonstrate that it is working correctly = Accountability
15.
SECURITY OF PROCESSING
Article 32 of the GDPR says that technical and organisational measures must be taken to “ensure a level of security appropriate to the risk”. ISO 27001 mandates risk management to identify such measures and Annex A identifies specific control measures.
16.
CONTINUAL IMPROVEMENT
The GDPR refers to “regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing” (Article 32).
17.
CONTINUAL IMPROVEMENT
An ISO 27001-aligned ISMS provides measures to “continually improve the suitability, adequacy and effectiveness of the ISMS”. Applying this approach to continual improvement also supports compliance with the GDPR.
18.
More good news… added extras
Using ISO 27001 as a framework for managing GDPR compliance not only makes GDPR compliance simpler, both at the implementation phase and on a continuous and sustainable basis, but also gives us many more extra benefits…
19.
More good news… added extras
- Protection of all information – not just personal data
- Assurance to the outside world – “we take security seriously”
- Reduced reputational risks – “bad headline avoidance”
20.
Conclusion
Thank You