PDPA for Singapore

PDPA compliance, Singapore (applicable to most ASEAN countries, and Hong Kong)   As stipulated by PDPC Singapore, organizations are required to comply with the entire ...

  As mandated by Personal Data Protection Commission Singapore, organizations are required to comply with PDPA 2012 whether you collect, use, store, forward, share or disclose personal data. Reach out to us and setup the compliant Data Protection and Security framework now. 

PDPA compliance, Singapore (applicable to most ASEAN countries, and Hong Kong)


As stipulated by PDPC Singapore, organizations are required to comply with the entire PDPA 2012 whether you collect, use or disclose personal data about individuals, be it customer. Employees or members, anything close to that, practicing good personal data management hygiene can increase efficiency and effectiveness.


If you or your organization have been tasked to handle data intermediary, you MAY be excepted from some obligation in PDPA, but one can never ignore the necessary due diligence to protect the data in pursuant to any written contract or such.


The above describes and promotes the necessary leadership thought and management practice that need to cascade down their organization to avoid fine/sanction or cost of remediation/recovery, which can be hefty and deemed destructive to company’s name and reputation. Board of director will want everyone to have that mind, to avoid impact on potential business venture, funding or investment.


iTGRC has developed three categories of PDPA compliance program based on ISO standards and requirements. ISO27001 is a driving platform with a premium engine that determines the direction of a management system to fulfil the compliance requirements. It has already fitted well with EU GDPR that came into effect in the month of May 2018. Similar methodology has also proven to apply well in meeting Singapore PDPA 2012 requirements.


There’s no more and no less that such framework helps organization develop the capability, enable flexibility to adapt to the requirement and to adopt the changes seamlessly. It’s being agreed by several international ISO certifying bodies that ISO27001 has the enterprise elements to drive PDPA compliance be it on IT systems, corporate strategy, business plan and processes, or day to day operation.


PDPA Get a Little Help


PDPA Get More Help


PDPA Get A Lot of Help


The above packages (*) are subjected to an initial assessment or high-level gap analysis with your company's leadership/management team. We give this for free with NDA signed. 


Bespoke PDPA – our team recognizes that PDPA compliance is a journey, and everyone has their day job to worry and personal life to handle after 9-5pm. Our Bespoke tailors for organizations who want to jump start with small steps, and determine their stature and appetite, or develop a mid to long term roadmap to achieve PDPA compliance but do not want to shake the boat. Talk to iTGRC executive partner to help gearing you up with the roadmap and short term priority.


* -Excludes standard/guideline and documentation toolkit. Organizations to purchase them separately through iTGRC. 
- A mix of Online/Onsite advisory and consultancy up to max 40 man-hours. Consultancy does not include documentation and Testing. Organizations to purchase additional man-hour at prevailing rate to support additional scope of work outside the 40 man-hours.



iTGRC Asia Pte Ltd

+65 9338 0000


+65 6818 0801


By submitting your information to iTGRC Asia Pte Ltd, you have agreed to our Privacy Statement

Other Promotions

Engage us on an Advanced Security service for your business

Our clients want us to develop and design the most relevant information/cyber security Governance, Strategy, Policies and Plan for their business, and enable them the implementation methodology and technique aligned with business needs, organization assets protection, timely response to security breaches and incidents, Click CISO to ask our CISO or WhatsApp +65 93384818

GDPR Self-Assurance

We map your business and operating processes to information technology (IT) platform and its data flow, apply industrial Code of Practice and Personal Data Protection principles to meet PDPA/GDPR requirements (just a click away). Click to ask our CISO 

Simplify Cyber Security for your business with iTGRC Asia

SME Owners - engage iTGRC Cybersecurity advisors to identify value-proposition before your decision on security technology or solution investment. Leverage on your existing management systems and resources to get the best out of what is already in place. Save on your business spending, control your budget and make a justifiable purchase in protecting your business, information assets and fulfilling the regulatory requirements.  Click to ask our CISO 

Cyber Essentials provides a basic level of cyber security; if you are interested in progressing to a more advanced stage of information security by implementing a holistic information security management system, you can discover more by reading about ISO 27001 and the Cyber Essentials scheme