April 10, 2018
In the last six months we have fielded a number of enquiries as to how we can assist organisations ensure they have the right level of IT policy content in place to help them demonstrate they are working towards GDPR compliance.
In following up these enquiries it is often apparent that some of the organisations involved have struggled for years to consistently develop and deliver good IT security policies. Therefore the requirement to review existing or create new policies in the move to be GDPR compliant represents a challenge some feel unable to tackle without assistance.
Our IT Policy Management as a Service offering is geared to quickly develop and deploy comprehensive and appropriate organisational IT policies to users, managers and technical people. CLICK HERE to view the service spec sheet.
The service addresses two primary challenges –
Using the ISO27002 set of standards, practices and controls as the foundation of the policies in our system means we have a good starting point with respect to the GDPR. Several sections of ISO27002 are directly related to key data protection, retention and breach response requirements outlined in the new regulation.
To assist organisations more comprehensively address the new regulation we have also incorporated additional policy content (and mappings) to cover personal data and personally identifiable information protection based on the ISO29151 standard. ISO29151 is designed to help organisations establish and implement the right controls to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).
Taking out an annual subscription to the Policy Management as a Service means any organisation can demonstrate they are following best practice, are working with policies that are compliant with standards and regulations such as ISO, PCI, GDPR and that those policies reflect the use of current technologies such as Cloud Computing and Mobile Devices. All policy content is customised and branded to meet customer requirements.
To view our demonstration video CLICK HERE.
To read about how we assisted Carlisle Council with their IT Policies CLICK HERE.
Contact us to discuss IT Policy Management as a Service.