ISO 27001 and GDPR Regulations
ISO 27001 – Information Security and GDPR Data Protection.
The adoption into EU law in early 2018 of the Data Protection Regulation has challenged many businesses to assess their operations and to make provisions to protect the data held in their IT/data retrieval systems. Regulations themselves cannot be used as the basis for system registration in the same way that ISO 9001 et al can be, so Quay now offer registrations to a public domain standard GDP TS1001:2018, which neatly deals with all of the requirements of the GDP Regulations. Registration to this standard will adequately demonstrate a company’s awareness of the requirements and, through assessment, demonstrate due diligence.
Existing international standards such as ISO 27001 continue to be a popular choice with many clients seeking to formalise the basis of their approach to information security.