Skip content
Hacker at Night

Demonstrate compliance with the GDPR.

The General Data Protection Regulation (GDPR) holds organisations accountable for how they use personal data, increasing the individual’s right to privacy and re-establishing consumer's trust.

THE GENERAL DATA PROTECTION REGULATION

+971 4 701 4100

Contact us

Overview

The  GDPR places data protection considerations at the forefront of your organisational processes. It increases transparency over how companies gather, process and use personal data with the aim of safeguarding the data of individuals throughout the EU – regardless of where it is stored.

After coming into force on 25 May 2018, the GDPR does not currently mandate third-party certification. However, there is alignment between the requirements of ISO 27001 and the GDPR in terms of how organisations should manage their information security policies, controls and processes. Achieving certification to ISO/IEC 27001:2013 demonstrates a commitment to meeting the requirements of the GDPR – demonstrating both compliance and accountability.

Benefits of GDPR

Build trust

Compliance with the new regulation ensures organisations follow more transparent, customer-centric operations, establishing consumer trust and confidence. Regulators are not likely to look favourably on organisations that have made no effort to comply with the GDPR. The maximum fine for non-compliance – for example using personal data without consent or failing to protect personal data – is up to 20 million EUR or 4% of global turnover for the previous year – whichever is greater. 

Streamline processes

The GDPR encourages simplified processes that help your employees respect an individual’s right to privacy.

Data protection by design

Promoting data protection from the outset of any project addresses issues early on, guaranteeing regulatory compliance.

Need help with GDPR?

LRQA recognises that every organisation is unique: the impact of the new General Data Protection Regulation will depend upon the complexity of your setup and the maturity of your management systems.

LRQA provides a range of services in the information security and data protection arena, offering both training and assessment to help your organisation adapt.

While GDPR does not mandate certification, LRQA offers a range of training and assessment services that support compliance with the new regulation, including:

  • Data Protection Officer (DPO) Training: Helping DPO’s prepare for the responsibilities of a newly-created role.
  • GDPR Gap Analysis
  • Data Mapping and Classification
  • Data Protection Impact Assessment (DPIA) or DPIA training so you can conduct an in-house assessment
  • GDPR Controls Assessment and Attestation
  • Training, Gap Analysis and Certification for ISO 27001 (Information Security Management), ISO 22301 (Societal Security – Business Continuity Management Systems) and BS 10012 (Personal Information Management System).

Why work with us?

Highly qualified

Our assessors are skilled professionals whose objective view gives you confidence in security measures that align with industry best practice. They work with high-profile clients in the finance, telecoms, software, internet, consultancy, justice and government sectors to deliver comprehensive, consistent and impartial assessments.

Technical expertise

LRQA's technical specialists have sector-specific information security and IT experience. They have been at the forefront of international standards development for decades, alongside ongoing involvement in ISMS assessment, certification and training.

Impartiality

We maintain our impartiality by proactively managing conflicts of interest across all LRQA businesses including those which may exist between consultancy and third-party certification services. Click here to learn more

Want to know more about this service?

Contact us

CASE STUDIES

INSIGHTS

EVENTS