HAMILTON, N.J. (PRWEB) May 21, 2020
As the lone international data privacy framework and attestation, is the ISO 27701 privacy extension to ISO 27001 “the answer” to privacy compliance? If your company processes personal information for internal use or on behalf of clients or partners, the most recent episode of “The Virtual CISO Podcast” from Pivot Point Security shares expert guidance to help you reduce privacy compliance complexity and risk.
If your organization doesn’t have data privacy controls in place, you could be looking at significant compliance issues in the near future—whether or not you handle consumers’ sensitive personal data. The EU, California and other US states and 80+ countries and regions worldwide have already passed data privacy legislation, and the trend is only growing. Disclosing what data you collect, knowing how it’s stored and processed, managing data subject access requests, and proving you can protect personal information are fast becoming prerequisites for doing business.
But with regulations proliferating, how can you know what “compliance” even means? How can businesses cost-effectively achieve and prove compliance today? What are the “common ground” controls to create a data privacy foundation? What are the costs and the benefits of a robust privacy posture?
To bring clarity to the often confusing realm of privacy information management, the latest episode of The Virtual CISO Podcast from Pivot Point Security welcomes Debbie Zaller, CPA, CISA, CISSP, PCI-QSA, CCSK, CIPP/US. Debbie is Principal and co-owner at Schellman & Company, a leading IT audit and certification firm that provides ISO 27001, SOC 2 and privacy services among many others. Host John Verry, Pivot Point Security CISO and Managing Partner, is a hands-on expert from “the other side of the aisle”—helping clients implement privacy controls to achieve compliance and security.
Here are some of the questions that Debbie and John cover in this illuminating episode:
- What is ISO 27701, how does it relate to ISO 27001 and what does “ISO 27701 certification” really mean?
- Is my company a data processor, a data controller, or both?
- How would ISO 27701 certification impact our existing ISO 27001 information security management system (ISMS)?
- Does ISO 27701 compliance equal GDPR or CCPA compliance?
- What is ISO 27701 certification likely to cost my organization?
To listen to this episode anytime, along with all the episodes in The Virtual CISO Podcast series, visit this page: https://www.pivotpointsecurity.com/podcasts/the-virtual-ciso-podcast-debbie-zaller-why-iso-27701-is-the-answer-to-privacy-compliance/
About Pivot Point Security
Since 2001, Pivot Point Security has been helping organizations understand and effectively manage their information security risk. We work as a logical extension of your team to simplify the complexities of security and compliance. We’re where to turn—when InfoSec gets challenging.