Good Enough IT Risk Management

EU Data Protection Regulation - How Hard Can It Be?

Tuesday, 12 April 2016 / by Lars Neupart

Granted, the wording of the new Data Protection Regulation we have just received is complex. The new act entails many requirements for how companies must process and protect personal data, and not least for which processes must function within the companies. The Neupart team is experienced in finding practical solutions that simplify compliance with information security requirements. We would like to present Neupart's approach employed in the development of this application.

 


 

The EU regulation's requirements are incorporated into the SecureAware ISMS application. Using our latest addition, you can conduct your first gap analysis against the EU regulation.

In the SecureAware window below, the regulations are shown on the left-hand side, while the right-hand side shows a series of links to your information security manual.

If your IT security manual is in SecureAware ISMS, a large part of your manual is already mapped to the new personal data requirements.


 

The reason you can do the gap analysis so easily is that we have placed the EU regulations in the SecureAware requirements library, alongside the other requirements already there.

The EU Data Protection Regulation is located in the SecureAware ISMS requirement library.


 

However, there is even more good news. Once you know where the "holes" are in relation to the new regulations, we have made it possible to connect efficient task management to your gap analysis. The task management allows you to monitor your compliance status automatically and to report on it easily.

Efficient task management: Tasks are connected to the particular requirements. A task can be anything from a simple "execute" task to a recurring process.


 

You can also use the task management to control ongoing, recurring tasks: tasks related to your ongoing compliance with the new regulations.

Large companies supervise compliance by periodically conducting an internal audit; this is also an area that is supported by the task management function within the application.

It is easy to verify, inspect and conduct an internal audit. There is a history of who-what-when on the red-yellow-green progress.


 

This way, the processes that will run in each company that handles personal data can be facilitated. 

PS! We have an added benefit for those companies having their IT manuals in SecureAware: We have mapped a large part of your manual onto the new personal data requirements in advance.

At present, SecureAware ISMS contains the most recent revision of the regulation. Now that the final text is complete, SecureAware will soon be updated with it.

 


Topics: Best practice, Information Security Management, ISMS
