GRC

There is nothing straightforward or simple about responding to a data subject access request (DSAR). Whilst responding to DSARs can be onerous and time-consuming, you cannot take any shortcuts.

The PCI SCC has recently released a new remote assessment guidelines and procedures. Here we address a number of key questions: What are the Main Contents? What Led to it Being Published? And others..

A DPIA delivers a pre-emptive approach to assessing these risks, and by applying corrective actions can help prevent a data breach occurring. We present an outline of steps in conducting a DPIA

Creating a ROPA will involve understanding and capturing processing activities throughout an organisation. In this blog, we will outline a step-by-step procedure on how you can create a ROPA.

In this, the first of two blogs on ROPAs, we are going to address two fundamental questions: Which organisations need a ROPA? Why is it necessary to create and maintain a ROPA?

ISO 27001 is the International Standard for Information Security Management. Effectively, it provides any organisation, irrespective of size or sector, with a framework and an approach to protecting..

A key role of risk management is helping organisations decide how limited resources can be most effectively used to address the most pressing business issues, e.g. threats to information security.

What are the Benefits of Implementing ISO 27001? We dig a bit deeper on the benefits that are gained from implementing the standard and from achieving certification.