A key component of an ISO 27001 Information Security Management System is compliance with legal and regulatory requirements. Since keeping data secure is central to the standard, one of the most common laws you need to comply with is the Data Protection Act 1998.
Failure to comply could cost you up to £500,000 as well as a lot of disruption and extra management time.
In May 2018, the EU General Data Protection Regulation (GDPR) comes into force and fines rocket up to a maximum of €20 million. If you haven’t paid much attention to Data Protection, now is the time to ensure that you are compliant.
The Information Commissioner’s Office has a great tool to help you assess your compliance with the Act. It’s a self-assessment tool available on the ICO website. You complete the questions and can then download your individual report as soon as you’ve finished.
The great news is that once you’ve assessed your compliance with the Data Protection Act, you’ll know what you need to do. Get those actions in place and that’s a big tick towards your ISO 27001 certification.