If you want to take your certification to the next level, you can add new international privacy management standards or introduce customised audits.

A customised audit approach puts your organisation under the microscope, giving you granular detail on your most critical risks. This can be achieved through the development of bespoke audit protocols.  

Bespoke audit protocols unlock the value of an audit, creating more insights and deeper risk management for your business. This involves a deep dive into your existing management system. We will develop scored question sets based on your expectations, policies and processes. These services are relevant for any organisation, particularly those processing sensitive data. 

New international standards on privacy management can be applied to ISO/IEC 27001. These include:

- ISO/IEC 27018 "Code of practice for PII in public clouds acting as PII processors"
- ISO/IEC 29100 "Privacy framework"
- ISO/IEC 29134 "Guidelines for privacy impact assessment"

The need for trust and accountability in the handling of personal information is growing in the minds of consumers. These standards help you respond to a broader set of regulatory compliance requirements.

GDPR, the EU's General Data Protection Regulation, became law on the 25th of May 2018.

How can organisations respond? Information from our Lead Auditor, Paul Breslin.

What are the main changes your organisation needs to be aware of?

10 Steps to GDPR Compliance