Granted, the wording of the new Data Protection Regulation we have just received
is complex. The new act entails many requirements as to how companies must process and protect personal data, and not least which processes must function within the companies. The Neupart team is experienced in finding practical solutions in simplifying compliance with information security requirements. We would like to present Neupart’s approach employed in the development of this application.
The EU regulation requirements are incorporated into the Secure ISMS application. Using our latest addition you can conduct your first gap analysis of the EU directive.
In the below Secure ISMS window, the regulations are shown on the left-hand side, while on the right-hand side you will see a series of links to your information security manual.
If your information security manual is in Secure ISMS, a large part of your
manual is already mapped to the new personal data requirements.
The reason why you can do the gap analysis so easily is that we have placed the EU regulations into the requirements library in Secure ISMS along with the other requirements already within.
The EU Data Protection Regulation is located in the Secure ISMS requirement library.
However, there is even more good news. Once you know where the "holes" are in relation to the new regulations, we have made it possible to connect an efficient task management to your gap analysis. The task management allows you automatically to monitor and easily to report on your compliance status.
Efficient task management: Tasks are connected to the particular requirements. A task
can be anything from a simple "execute" task to a recurring process.
You can also use the task management to control ongoing, recurring tasks. Tasks related to your ongoing compliance with the new regulations.
Large companies supervise by means of periodically conducting an internal audit; this is also an area that is supported by the task management function within the application.
It is easy to verify, inspect and conduct an internal audit.
There is a history of who-what-when on the red-yellow-green progress.
This way, the processes that will run in each company that handles personal data can be facilitated.
PS! We have an added benefit for those companies having their IT manuals in Secure ISMS: We have mapped a large part of your manual onto the new personal data requirements in advance.
At the present moment, the most recent revision of the regulation is placed in Secure ISMS. Now the final text is complete, Secure ISMS will soon be updated with that.