A path between the ISO 27001 certification and the GDPR toolkit

Guest user Created:   Oct 31, 2017 Last commented:   Oct 31, 2017

I previously purchased the ISO 27001 toolkit and am working with a client with implementation. Is there a path between the work we have and will do for ISO 27001 certification and the GDPR toolkit?

Expert
Dejan Kosutic Oct 31, 2017

Answer: In Article 32, EU GDPR requires the implementation of security controls, so in our EU GDPR Toolkit we have included 11 documents from ISO 27001 that will cover this requirement - here they are:
- IT Security Policy (in the ISO 27001 toolkit this one is called the Acceptable Use Policy)
- Access Control Policy
- Security Procedures for IT Department (in the ISO 27001 toolkit this one is called the Operating Procedures for Information and Communication Technology)
- Bring Your Own Device (BYOD) Policy
- Mobile Device and Teleworking Policy
- Clear Desk and Clear Screen Policy
- Information Classification Policy
- Policy on the Use of Encryption Article 32
- Disaster Recovery Plan Article 32
- Internal Audit Procedure Article 32
- ISO 27001 Internal Audit Checklist

The point is, the implementation of these security controls is ca 50% of the whole GDPR implementation, while the rest of the effort should be focused on privacy and legal issues.

These links will help you:
- Diagram of the EU GDPR implementation process https://advisera.com/eugdpracademy/free-downloads/
- EU GDPR Documentation Toolkit - you'll find a list of all documents on that page: https://advisera.com/eugdpracademy/eu-gdpr-documentation-toolkit/