GDPR – ISO 27001 Mapping Tool Now Available
As I am sure you’re aware, GDPR is now active across Europe. The regulation requires organisations to implement effective measures to ensure the data they hold is secure from security threats, and is processed and used for purposes that are clear to the user.
Why Choose ISO 27001?
ISO 27001 is a framework for information protection. According to GDPR, personal data is critical information that all organisations need to protect. When an ISO 27001 implementation identifies personal data as an information security asset, most of the EU GDPR requirements will be covered. ISO 27001 provides the means to ensure this protection, and there are many points where the standard can help companies achieve compliance with this regulation.
As the leading international standard and certification for information security, ISO 27001 covers 75-80% of GDPR. This makes it the ideal choice of a framework to support GDPR compliance.
The connection between GDPR and ISO 27001 is around personal data. GDPR focuses specifically on the criticality of protecting and appropriately managing personal data. ISO 27001 focuses more broadly on creating an information security management system (ISMS) to prevent data loss or exfiltration and ensure that a firm’s information security posture can be maintained, and incidents identified, logged and reported. This includes guidance on how to handle and protect personal data in a secure, trustworthy manner.
What can you do?
Your first task is to review exactly how ISO 27001 can cover your organisation in relation to GDPR. We have put together an ISO 27001/GDPR Mapping Tool which you can use to understand how the information security standard can help you achieve GDPR compliance.
Speak to an expert
If you have any questions about ISO 27001 or the GDPR, contact our advisors by phone or email and we will explain the entire process from implementation to certification.