ISO 27701 Consultant – Context of organisation

In section five of ISO 27701, the Standard outlines the need to extend the protection of privacy with regard to PII and information security. So, in simple terms, a 27001:2013 certificate would just relate to information security, whereas with 27701 this becomes...

ISO 27701 Consultant – Structure of 27701

The PIMS (Personal Information Management System) relates to the high-level standard Annex SL headings that form part of new management standards. The core sections such as context of organisation, leadership, planning, support, operations, performance evaluation and...

ISO 27701 Consultant – Return & disposal of PII

Control area: 8.4.2 Return, transfer & disposal of PII

Occasionally, when data controllers end relationships with data processors, disputes break out as to the ownership and return of PII. Indeed, prior to the GDPR, agreements in place were often vague or ambiguous...

ISO 27701 Consultant – PIMS Guidance

Once the organisation has mastered the interpretations of the PIMS-specific requirements relating to the ISO 27001:2013 Standard, attention can then be focussed upon the guidance for enhancements of the PII controls. Normally an entity would select controls from...

Change Management Consultant – Barriers to change

There is much academic narrative available on barriers to change within organisations. This blog does not seek to examine all these areas but to provide a variety of solutions that may assist with removing barriers to change. An organisation will often have barriers to...