GDPR and ISO 27001

The General Data Protection Regulation (GDPR) does not mandate the use of formal certification to international standards, but promotes the use of international standards such as ISO 27001, to demonstrate compliance and accountability.

ISO 27001 therefore becomes a great starting point in terms of how your organisation should manage its information security policies, controls and processes to protect its information assets and comply with the GDPR. 

Achieving certification will provide you with a best practice framework to identify, analyse and implement controls to manage your organisation’s information security risks and safeguard the integrity of its business critical data.

GDPR and ISO 27001 Factsheet

Gaining ISO 27001 certification from Lloyd's Register demonstrates commitment to meeting the GDPR.