GDPR and ISO 27001. Is my ISMS enough?


Law and Regulation
The new European General Data Protection Regulation (GDPR) will come into full force in May 2018. Apparently, the implications are global, meaning that any company that processes personal data of natural persons within the EU, no matter where they reside in the world, will fall within the scope of the GDPR. A question being asked by many ISO 27001 certified organizations is, "if we already have ISO 27001, are we covered for the GDPR?". This is a good question, and if you want the short answer, it is probably, "no". For a longer answer, feel free to read on.

GDPR vs. ISO 27001

The general response I am seeing from most experts when asked this question is, "no, the GDPR is much bigger and broader than that." They go on to…