Standards and how they support with EU GDPR

Since the introduction of the General European Data Protection Regulation (EU GDPR), organizations have been looking for ways to demonstrate compliance and avoid the potential fines associated.

For over a century we have been helping businesses to drive success through standards. And there are some great best practice frameworks that can help support your organization to address not only EU GDPR, but wider information security and privacy requirements. From ISO/IEC 27001 to the wider ISO/IEC 27000 series, we have a range of standards that can help.

Confidence with privacy

Certification and training to best practice standards shows that you take privacy seriously. With ISO/IEC 27001 at the centre, you can work with us to adopt the relevant frameworks to help you address privacy concerns and support with compliance.

ISO/IEC 27001 Information Security Management

ISO/IEC 27001 is the internationally recognized standard for an information security management system. It gives you a great foundation framework to address information security risks with appropriate measures and controls. It’s an ideal starting point for any organization that needs to manage and respond to information threats and build resilience.

How does ISO/IEC 27001 help with EU GDPR
ISO/IEC 27001 outlines specific requirements and controls that ensure you not only respond to contractual and regulatory requirements, such as EU GDPR, but you put the appropriate controls in place to manage risks to your business information, including personal records. 

By adopting ISO/IEC 27001 as your best practice framework you’ll be in a good position to identify your requirements for the EU GDPR, as well as implement appropriate controls and any additional measures required. 

Find out more >

BS 10012 Personal Information Management

BS 10012 sets out the requirements for a personal information management system. It ensures you identify and mitigate risks to personal information through implementing the appropriate controls. 

How does BS 10012 help with EU GDPR
This standard is written to align with legislation. Originally written against the UK Data Protection Act requirements, BS 10012:2017 has now been revised so that it is more closely aligned to EU GDPR requirements. By using this guidance, along with a robust ISMS, you will be a good position to demonstrate EU GDPR compliance. 

Find out more >

ISO/IEC 27018 Personally Identifiable Information on Public Clouds

ISO/IEC 27018 is an international code of practice to support with managing Personally Identifiable Information (PII) on public clouds. It builds on the general controls described in ISO/IEC 27002 and is appropriate for any organization that processes PII. 

How does ISO/IEC 27018 help with EU GDPR
ISO/IEC 27018 ensures you address security issues related to personally identifiable information stored on the public cloud. By using this framework, along with a robust ISMS, you demonstrate your commitment to protecting personal records and can provide the extra reassurance clients require for cloud computing.

Find out more >