iTGRC, Regulatory Compliance Assurance
GDPR, ISO27001, ISO/IEC 9001
Is meeting regulations and ever-growing compliance requirements proving a challenge? Think of Risk, Compliance and Privacy by Design.
Regulatory compliance is an organization's adherence to laws, regulations, guidelines, and specifications relevant to its business. It deals with the concern that one's organization is aware of, and is taking, the required and cost-effective steps to comply with relevant laws and regulations.
- The appointment of a data protection officer (DPO) will be mandatory for companies processing high volumes of personal data and good practice for others.
- Privacy risk impact assessments will be required for projects where privacy risks are high.
- Products, systems and processes must consider privacy-by-design concepts during development.
- Data controllers must ensure adequate contracts are in place to govern data processors. They must also have a legal basis for processing personal data. A data controller is the party that, either alone or jointly with others, determines the purposes for which and the manner in which any personal data is, or is to be, processed.
- Data processors can be held directly liable for the security of personal data.
- 72 hours: the time a controller has to report a data breach after becoming aware of it, unless the breach presents a low risk to the individual's rights.
Leave no room for GDPR non-compliance and avoid the penalties.
How do we know whether the Regulation applies to my business or organization? Reach out to iTGRC Asia Practitioners Advisory. We will put international experts behind you to build readiness and cyber resilience by applying ISO27001 to meet your GDPR compliance (a.k.a. data protection) obligations before May 2018, and to create a central repository in enablor that implements the framework and connects the dots to the supporting evidence, while your organization gets ISO27001 certified concurrently.
Services offered by iTGRC Asia (we adopt ISO27001 standards)
- Information Security Management (ISM) Audit
- Review of Compliance program for effectiveness
- Internal Control Review
- Control Gap Analysis
- Policy and Procedure Development
- Policy Implementation and Evaluation
- Managing Transition to Compliance
- Mitigation or Remediation, or both
Expected deliverables to your organization
- Information Security Management Audit Report (Findings)
- Information Security Governance and Management Compliance Program Assessment Report
- Control Gap Analysis Report
- Recommendation of mitigation, response plan or remediation
- Recommendation of a compliance strategy or improvement plan based on industry best practices or the requirements of international supervisory bodies, such as those of the Federal Financial Institutions Examination Council (FFIEC)
Start now and achieve ISO9001 certification in a matter of months.
- A free initial assessment enables you to assess where you are (after all, you probably already meet many of the requirements) and to identify how you can progress with us to success.
- Fixed-price consultancy enables you to control all the costs of achieving certification.
- Our implementation approach and methodology are pragmatic, proven and straightforward.
- We will help you increase internal buy-in by leveraging your resources to achieve your certification/conformance goals.
- We focus on transferring knowledge and skills to you and your staff so that you can continue meeting compliance targets after the initial implementation period ends.
- We are a one-stop shop with comprehensive and integrated ISO9001 resources.
More importantly, our strategic partner IT Governance Ltd, your ISO9001 consultancy partner, is approved by:
- BSI Associate Consultant Program
- DNV Consultant Gateway
- ISOQAR Associate Network
iTGRC Asia Pte Ltd