Expert Advice Community

Guest

Security policy

  Quote
Guest
Guest user Created:   Jan 11, 2018 Last commented:   Jan 11, 2018

Security policy

I have a technical question about the documents. In document 7.2 ANNEX 2 1a "Processor must document a security policy ", what document is "security police"? I can not find a document with this name.
0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Jan 11, 2018

Answer:

The requirement you refer to is meant to be complied with the data processor that is processing personal data on your behalf so, any of your processors would need to have at least a security policy in place to protect personal data. Of course a supplier can have a whole security framework in place with a multitude of documents.

As for you own security setup you can find a couple of security related policies in folder 8 of our EU GDPR implementation toolkit https://advisera.com/eugdpracademy/eu-gdpr-documentation-toolkit/ , from which you can choose which is most relevant in terms of your business activities. I can also warmly recommend ISO 27001 as a good example of a security framework.

You can find out more about ISO 2700 1 and the EU GDPR in our article “Does ISO 27001 implementation satisfy EU GDPR requirements?” here : https://advisera.com/27001academy/blog/2016/10/17/does-iso-27001-implementation-satisfy-eu-gdpr-requirements/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 11, 2018

Jan 11, 2018

Suggested Topics

wasima Created:   Jan 22, 2023 EU GDPR
Replies: 1
0 0

Data subject Rights

Guest user Created:   Jan 19, 2023 EU GDPR
Replies: 1
0 0

GDPR in Sweden

Guest user Created:   Oct 03, 2022 EU GDPR
Replies: 1
0 0

Data privacy