Compliance and Governance

General Data Protection Regulation (GDPR)

Overview

GDPR came into effect on the 25th May 2018, replacing all previous data protection laws in the European Union.

This new law will give individuals greater control over their data by setting out additional and more clearly defined rights for individuals whose personal data is collected and processed by organisations. The GDPR also imposes corresponding and greatly increased obligations on organisations that collect this data.

Organisations and businesses collecting and processing personal data will be required to meet a very high standard in how they collect, use and protect data. Very importantly, organisations must always be fully transparent to individuals about how they are using and safeguarding personal data, including by providing this information in easily accessible, concise, easy to understand and clear language.

For organisations and businesses who breach the law, the Data Protection Commissioner is being given more robust powers to impose very substantial sanctions including the power to impose fines.

ISO 27001 Security Standard

Achieve the standards appropriate to your organisation and reduce your IT Security risks

Information Security risks are growing constantly and organisations must have the appropriate measures and tools in place to manage the security of their networks. The threat landscape is continually evolving and is constraining organisations in the preservation of the confidentiality, integrity and availability of their information assets.
ISO 27001 is globally recognised international standard of best practices published by the International Organization for Standardisation (ISO) for establishing, maintaining, and improving security programs for all organisations.

Through ISO27001 companies ensure that they have incorporated a standard best practice that:

  • Improves overall security posture to reduce the appetite for risk
  • Helps organisations maintain compliance with regulatory requirements
  • Is widely recognised by partners and customers as a best practice security management system, giving organisations competitive advantage
  • Facilitates addressing of risks related to Managed Security operations
  • Ensures that activities, assets and risks related to IT Security and organisations Administration are recorded and audit-able
  • Increases the level of security and awareness of best practices through continuous training