Expert Advice Community

Guest

Complying with ISO 27001 and EU GDPR

  Quote
Guest
Guest user Created:   Feb 03, 2021 Last commented:   Feb 03, 2021

Complying with ISO 27001 and EU GDPR

Can an IT company with 1 employee and working with freelancers/consultants be compliant with iso27001 and gdpr?(Gdpr requires a data privacy officer)

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 03, 2021

Please note that ISO 27001 was designed to be implemented by organizations of any size and industry, so it can be applicable to your organization. Freelancers/consultants can be viewed as outsourced services and treated accordingly.

Regarding GDPR, it depends on the activity of your organization. If your organization processes a high volume of personal data, or monitors behavior, or processes special categories of personal data like health data, political opinion, sex orientation, criminal convictions, so you require a Data Protection Officer (DPO). If your organization does not deal with this data, you do not require a DPO.

The DPO does not need to be an employee of the organization, this role can be outsourced, but you need to ensure that required roles and responsibilities are included in the contract or service agreement.

These articles will provide you a further explanation about ISO 27001 and DPO:

These materials will also help you regarding ISO 27001 and DPO:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 03, 2021

Feb 03, 2021

Suggested Topics