by layertec | Oct 20, 2020 | Compliance
To create a sound customer vulnerability system the top management of the organisation must take direct ownership from the start. A good place to commence is a culture assessment. If the organisation sets commercial sales targets as a total priority over all other...
by layertec | Oct 20, 2020 | Compliance
One key area within a customer vulnerability programme is to address accessibility. This should be seen in the context of the organisation’s offerings. The products and services offered should be considered against all the needs and expectations of customer...
by layertec | Oct 20, 2020 | Compliance
Customers of organisation are all different. They will have a wide range of abilities and some issues will not be so clearly defined. Circumstances can rapidly change as we have seen during the coronavirus pandemic and over night people that were financially or...
by layertec | Jul 10, 2020 | Compliance
Control area: 7.4 Privacy by design The control area from 27002 examines how an organisation addresses PII privacy through design and the selection of controls to reduce PII loss. Most data controllers and indeed processors of PII would try to limit the amounts of...
by layertec | Jul 10, 2020 | Compliance
Control area: 7.2.7 Joint PII Controller Joint data controller situations are always an interesting debate. In simplistic terms it means that both entities ‘control purpose and means’ of the PII. The control intimates that the joint data controllers should determine...
