Implementation of Information Security Management System

Has the Information Security Policy and regulations regarding the processing and protection of personal data been implemented?

Yes.

Implemented and confirmed with ISO 27001 and ISO 27018 certification. ISMS-01 Information Security Process Book DP-01 Personal Data Security Policy

Has the instruction for managing IT systems used for processing personal data or other internal regulations regarding IT infrastructure management been implemented?

Yes.

Implemented and documented procedure DO-02: Instruction for managing IT systems.

Has the implemented Information Security Policy and regulations regarding personal data protection been accepted by the management team?

Yes.

Do we ensure the capability to continuously maintain the confidentiality, integrity, availability, and resilience of processing systems and services?

Yes.

Are the Information Security Policy and regulations regarding personal data protection published and accessible to staff (employees/contractors)?

Yes.

Does the data processor implement the principle of data protection by design?

Yes.

We operate in accordance with the principles of Privacy by Design and Privacy by Default.

Does the data processor implement the principle of data protection by default?

Yes.

We operate in accordance with the principles of Privacy by Design and Privacy by Default.

PreviousEntrustment and Further Entrustment of Personal Data Processing NextRisk Assessment

Last updated 2 months ago