Scope of the IT Security Policy (Doc 8.1)
Assign topic to the user
EU GDPR DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
EU GDPR DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
EU GDPR DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Answer:
Article 32 of the EU GDPR - Security of processing https://advisera.com/eugdpracademy/gdpr/security-of-processing/ requires controllers and processors alike to implement “appropriate” technical and organizational measures to keep the personal data.
The policies you would find in section 8 of the EU GDPR toolkit are examples of organizational measures taken to protect the data. So, in a nutshell the purpose of the IT Security Policy as well as the whole array of policies in section 8 is to provide you with a set of documents which if implemented correctly will ensure that you have taken the appropriate measures to protect personal data.
If you want to find out more about keeping data secure please check out our article “How cybersecurity solutions can help with GDPR compliance” https://advisera.com/eugdpracademy/blog/2017/11/27/how-cybersecurity-solutions-can-help-with-gdpr-compliance/
Comment as guest or Sign in
Mar 28, 2018