General Data Protection Regulation (GDPR)

GDPR is not specifically an IT related problem, but concerns data that your company holds. As you are likely to use your computer systems to process data, we understand that the GDPR file may have landed on your desk.

IASME recommend the following route to GDPR compliance:

Cyber Essentials Logo

Cyber Essentials

For your technical systems. Provided by the TSSM add-on.

IASME Gold Certification

For your information and management systems. iTeam can provide consultancy services to advise you on how to achieve this standard.

GDPR Ready

For your personal information systems. This is an add-on to the IASME Gold compliance questionnaire with an extra set of questions.

What is GDPR?

  • In May 2018 GDPR came into force. It can be considered to be an update to the Data Protection Act of 1998 and covers how you safeguard personal data within your organisation.
  • Compliance with GDPR will require updates to your systems technically, your management procedures and documentation and to how you collect and use personal data.
  • Whilst there is no EU-provided badge or certificate to prove you are compliant, the IASME Consortium recommends a path towards compliance that can demonstrate the steps you have taken.
  • Taking steps towards compliance will mitigate potentially huge fines from the Information Commissioners Office (ICO) should you suffer a data breach. ( ie DO NOT DO NOTHING )

What is IASME?

IASME (Information Assurance For Small And Medium Enterprises) is an Information Assurance Standard and is managed by the IASME Consortium which operates a network of certification bodies. iTeam is one of those certification bodies.

IASME was originally an academic-SME partnership, the standard was developed in 2010. The standard covers your organisation systems – ensuring your procedures and policies are in place to effectively and securely manage the information in your organisation. It covers the secure management of all data in your organisation including paper documents as well as those stored digitally.

Certification to the standard requires the completion of a questionnaire that asks about the measures in place to manage the security of your information. The work to gain the IASME Gold standard cannot be done exclusively by a third party as you need to adopt the procedures and policies as part of your management system. However, as certification body ourselves iTeam has been trained to know what each of the questions require for compliance and can advise you accordingly.

Find out more

Contact us to find out more about how we can help you become compliant with GDPR using the Cyber Essentials, IASME Gold and GDPR Ready route.

Contact Us

0117 944 4949

Unsure what all this means? Want to find out more about our services?

Share This