Expert Advice Community

Guest

EU GDPR & ISO 27001 Integrated Documentation Toolkit questions

  Quote
Guest
Guest user Created:   Jul 04, 2022 Last commented:   Jul 04, 2022

EU GDPR & ISO 27001 Integrated Documentation Toolkit questions

1. We have completed the GDPR Assessment (file 1.1) and most of the answers are negative since we have just started working on the GDPR as well. It's mentioned in the file itself that "If you answered, “No,” to some questions, it will indicate where you need to focus your compliance efforts." Does this mean that we have to first work on what is missing from the GDPR hence, turn the "no's" into "yes" and then proceed with the ISO documents (Requirements, ISMS Scope etc.)? Or is there a different process we should follow? 2. Once we finish the first draft(s) of our ISMS scope, we would like you to review it as part of the package services we have purchased together with the documentation. Is there a certain procedure we should follow? Given the fact that the Scope is the baseline for implementing ISO, we believe that it would be wise to ensure that our ISMS scope is reasonable and meets all the necessary features.

Assign topic to the user

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 04, 2022

1.We have completed the GDPR Assessment (file 1.1) and most of the answers are negative since we have just started working on the GDPR as well. It's mentioned in the file itself that "If you answered, “No,” to some questions, it will indicate where you need to focus your compliance efforts."

Does this mean that we have to first work on what is missing from the GDPR hence, turn the "no's" into "yes" and then proceed with the ISO documents (Requirements, ISMS Scope etc.)? Or is there a different process we should follow?

You can work both implementations at the same time, following the order of documents and folders as they are presented in the toolkit. The answers from the questionnaire will help you focus on the documents which cover the missing points from GDPR.

Included in the toolkit you have a List of documents file that shows you which documents cover which requirements from both ISO 27001 and GDPR.

For example, if you identify that GDPR article 28 needs to be treated, you need to consider that when working the Supplier Security Policy

2. Once we finish the first draft(s) of our ISMS scope, we would like you to review it as part of the package services we have purchased together with the documentation. Is there a certain procedure we should follow? Given the fact that the Scope is the baseline for implementing ISO, we believe that it would be wise to ensure that our ISMS scope is reasonable and meets all the necessary features.

For document review, you can simply sent the document through email to our support email: support@advisera.com

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 04, 2022

Jul 04, 2022