Guest user Created: May 11, 2017 Last commented: May 11, 2017

Conformity with EU GDPR

For a company the conforming with ISO 27001 requests is enough for to be in law with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (General Data Protection Regulation) ?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal May 11, 2017

Answer: Only ISO 27001 is not enough. EU GDPR focus is on protection of personal information, and ISO 27001 focus is to protect information in general. From the ISO 27000 family, ISO/IEC 27018 should also be consulted (Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors).

This article will provide you further explanation about ISO 27001 and EU GDPR:
- Does ISO 27001 implementation satisfy EU GDPR requirements? https://advisera.com/27001academy/blog/2016/10/17/does-iso-27001-implementation-satisfy-eu-gdpr-requirements/

This material will also help you regarding ISO 27001 and EU GDPR:
- What is EU GDPR and how can ISO 27001 help? https://info.advisera.com/27001academy/free-download/what-is-eu-gdpr-and-how-can-iso-27001-help

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 11, 2017

Expert Advice Community