Most organisations process some sort of personal information and many class it as an organisational asset. With such reliance on personal information, organisations need to protect their reputation and implement the appropriate controls to safeguard their data.
BS 10012:2017 is the management system standard for managing personal information. Revised to address the requirements of the GDPR, BS 10012 can help organisations comply with the Regulation by the 25 May 2018 deadline.
With many organisations processing personal information of some sort, BS 10012 can help implement policies, procedures and controls to manage an individual’s personal data effectively. It can help you address how your organisation manages and executes employee security awareness training and risk assessments, plus your data retention and disposal processes.
Benefits of BS 10012
- Compliance – BS 10012 certification displays a commitment that your organisation is meeting the requirements of the GDPR, demonstrating both compliance and accountability.
- Security risks – BS 10012 can help you identify and mitigate your information security risks for the personal data you process.
- Stakeholder confidence – Certification to BS 10012 provides your customers, trading partners and other key stakeholders with confidence that you have addressed all security risks relating to their personal information.
- Reputation – BS 10012 safeguards your organisation’s reputation from damaging publicity relating to data security violations and potential prosecution.
- Capability statement – BS 10012 presents a public and independent statement of your organisation’s capability to protect individuals’ personal data, which may help when responding to tenders.