Using ISO 27001 and 27017 to get GDPR compliance
I wanted to know if it's not possible to use ISO 27001 and possibly 27017 to get to GDPR compliance, so it's all embedded in a system as opposed to separate controls to cover a regulation.
It is possible to use ISO 27001 to cover the requirements of GDPR Article 32 (ISO 27017 is not required unless you have specific requirements demanding controls from this standard). For the remaining requirements of GDPR, you should define additional approaches.
This article will provide you with a further explanation about ISO 27001 and GDPR:
- Does ISO 27001 implementation satisfy EU GDPR requirements? https://advisera.com/27001academy/blog/2016/10/17/does-iso-27001-implementation-satisfy-eu-gdpr-requirements/
This material will also help you regarding ISO 27001 and GDPR:
- How to integrate GDPR with ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/how-to-integrate-gdpr-with-iso-27001-free-webinar-on-demand/
May 15, 2020