Whilst the arrival of GDPR a week later on the 26th May surprisingly did not come with the same level of fanfare, it certainly also got plenty of good media coverage globally and continues to be a talking point for many.
At Protocol Policy Systems we recently completed Version 18 (V18) of the IT Policy System. One of the main objectives for releasing V18 is to assist organisations get their policy foundations in place as they strive to demonstrate compliance to GDPR.
To this end we have aligned the relevant sections of our comprehensive suite of IT Policies with the ISO29151 standard, which in combination with ISO27002 provides a code of practice for the protection of personally identifiable information.
To view a positioning graphic of ISO27k and ISO29k frameworks – Click Here
What is the main focus of ISO29151? – Protecting Personally Identifiable Information
The ISO29151 standard specification includes guidelines based on ISO27002, and adapts these where required, to address the privacy safeguarding requirements that arise from the processing of Personally Identifiable Information (PII).
- Consent and choice.
- Purpose, legitimacy and specification.
- Collection limitation.
- Data minimisation.
- Use, retention and disclosure limitation.
- Accuracy and quality.
- Openness, transparency and notice.
- Individual participation and access.
- Information security.
- Privacy compliance.
If you would like to arrange an online demonstration of the IT Policy System V18 with a view to understanding the extent of the GDPR relevant content then please contact Steve Macmillan.
New Cloud Computing content included in V18
Earlier in the year we aligned our policy content, where appropriate, to the ISO27017 Standard – Adoption of Cloud based technologies.
ISO27017 leverages many of the controls outlined in the ISO27002 standard and introduces some new recommended controls for organisations such as Cloud Service Customers and their suppliers – Cloud Service Providers. The standard provides cloud-specific implementation guidance to address cloud-specific information security threats and risks considerations.
All customers with current maintenance contracts are entitled to receive a free upgrade to version 18. In early June we will send out an advisory that provides some more details as to where the additional content and mapping work has been applied.
The same applies for customers of our new Policy Management as a Service offering. The additional content is provided under the annual subscription fee. Click Here to view the As a Service details.
Welcome aboard Emma
We are pleased to welcome Emma Tickner to the PPS (UK) team as a Business Relationship Manager. Emma will be focussed on talking to our Local Government customers and prospects in the coming weeks and will be able to provide further information on our Policy Management as a Service and Version 18.
Historic Environment Scotland deploy the IT Policy System
Historic Environment Scotland (HES) the lead public body established to investigate, care for, and promote Scotland’s historic environment has recently completed a successful deployment of the IT Policy System. Click Here to read the case study.