It has been months since the EU General Data Protection Regulation (GDPR) came into force in May 2018. Most companies have by now gone past their teething periods of implementation and are cruising into the maintenance stages of GDPR compliance. For companies that have only recently entered the EU market or overlooked the implementation deadline, there is still hope to catch up with the rest of the EU community.
Certification schemes serve the purpose of demonstrating the competency of an organization’s management system against best practices. The most well-known certification scheme implemented globally is the ISO 9001 Quality Management System Certification, designed to ensure organizations meet the needs of stakeholders while fulfilling statutory and regulatory requirements. ISO 27001 is the International Standards Organization certification of Information Security Management Systems, serving the purpose of demonstrating organizations’ commitment to managing and protecting information and assets, including GDPR.
Getting your organization ISO 27001 certified is a systematic journey towards ensuring GDPR compliance. First steps include getting familiar with the standard’s requirements and gathering an overview of the information assets in the organization. An increasing number of seasoned organizations seeking certification practise sending the necessary personnel for ISO 27001 Internal Auditor training. The role of an Internal Auditor is to help assess the company’s conformity and help prepare for the certification’s external audit. With an Internal Auditor in place, organizations are better equipped to attain certification.
At DNV GL, our advice to clients is to always take the first step of assessing your organization’s readiness for GDPR compliance / ISO 27001 certification. There are 2 assessment options: Professional Assessment by Lead Auditors or Self-Assessment via checklist. While Professional Assessments offer a more in-depth and accurate report on readiness for regulated GDPR compliance or for undertaking an internationally recognized standard, Self-Assessments can provide a preliminary review at no cost.
Take your first steps and verify if your organization is GDPR compliant against our FREE GDPR checklist. For enquiries, contact firstname.lastname@example.org or call 6508 3285.