GDPR Know-how Set

Ready-to-buy GDPR know-how set – General Data Protection Regulation

ISO 27001 - Information Security Management System
Know-how set description

This know-how set defines a basic Information Security Management System (ISMS) compliant with the General Data Protection Regulation (GDPR). Its goal is to ensure the secure processing of personal information. The know-how set includes the required policies, procedures, instructions and document templates. It also covers trainings, competency profiles, tools and external sources of information. All of this content is grouped around the Roles required by GDPR. By buying the know-how set, an Organization can promptly deploy an Information Security Management System and meet the requirements of the General Data Protection Regulation. The know-how set also supports personal data security audits.

The GDPR know-how set is recommended for small Organizations that want to ensure information security and the security of personal information processing.

Disclaimer
In addition to the template content, the know-how set also contains some empty elements that have to be prepared in the process of defining an Information Security Management System. This is because such content is organization-specific.

GDPR know-how set statistics

Total: 75
Roles: 6
Information contexts: 4
ISMS content: 50
Education content: 9

GDPR know-how set elements

Organization (16)
Roles (6)
  • Contractor
  • Data Protection Officer
  • Employee
  • Internal Auditor
  • IT System Administrator
  • Top Management
Contexts (4)
  • GDPR
  • IT Administration
  • Quality Management
  • Security
Normative sources (6)
  • 6 regulations and standards, including:
  • ISO 27001
  • General Data Protection Regulation
Know-how (50)
Policies (12)
  • Access Control Policy
  • Access to Network and Network Services Policy
  • Backup Policy
  • Clean Desk and Clean Desktop Policy
  • External Communication Policy
  • Information Classification Policy
  • Information Security Policy
  • Information Security Risk Management Policy
  • Information Transfer Policy
  • Management of Removable Media Policy
  • Password Management Policy
  • Policy on the Use of Cryptographic Controls
Processes (7)
  • Access Control Process
  • Audit Management Process
  • Management Review Process
  • Operations Management Process
  • Personal Information Management Process
  • Risk Management Process
  • Security Incident Handling Process
Procedures (7)
  • Internal Audit Procedure
  • Management Review Procedure
  • Nonconformities and Corrective Actions Management Procedure
  • Procedure for Responding to Security Incidents
  • Procedure for the Management of Risks Related to Information Security
  • Procedure for Working in Secure Areas
  • Procedures for Individual Rights Execution in Data Processing
Instructions (3)
  • Computer User Instructions
  • Instruction for Granting Rights in the Access Control System
  • Instructions for Equipment and Infrastructure Maintenance
Ins/Outs (21)
  • Agreement Regulating Access Rights
  • Audit Plan
  • Audit Programme
  • Audit Report
  • Data Protection Impact Assessment
  • ISMS – Monitoring and Measurements
  • Management Review Report
  • Non-competition and Information Confidentiality Agreement
  • Nonconformity Card
  • Operations Management Plan
  • Opportunity for Improvement
  • Organization Context
  • Purchase Requirements
  • Purchase Specification
  • Record of Categories of Processing Activities
  • Record of Processing Activities
  • Risk Assessment
  • Risk Treatment Plan
  • Security Incident
  • GDPR Statement of Applicability
  • Supplier Agreement
Education (9)
Trainings (2)
  • Training on Information Security Vulnerabilities
  • Training on the Information Security Management System
Guidelines (2)
  • Competence Profile: Data Protection Officer
  • Competence Profile: Top Management
Tools (2)
  • KeePass
  • Access Control System
Knowledge Bits (3)
  • 3 knowledge bits on Security Vulnerability

Ask about the price of this know-how set

Information Note

Pro4People sp. z o.o., based in Wrocław, Poland at Wołowska 18 (postal code 51-116), will be the controller of your entrusted personal data. Your personal data will be processed for a period of 3 years from the moment of the last contact. Your data will be processed under the General Data Protection Regulation (GDPR) and derived Polish national regulations. The basis for processing is your consent, so you can exercise all the individual rights derived from GDPR at any moment by contacting us at gdpr@pro4people.com. Pro4People may transfer your personal data only to its Trustworthy Suppliers providing supplementary services to us for the purpose specified in this consent.