EU businesses urged to implement ISO27001 to prepare for the GDPR

3/02/2015

IT Governance, the global provider of cyber security expertise, urges businesses across Europe to use ISO27001 as a framework for implementing best-practice cyber security measures in preparation for the upcoming NIS Directive and GDPR.

This advice comes after a new report by FireEye found that 80% of polled organisations in France, Germany and the UK have not put all the appropriate measures in place to meet the requirements of the forthcoming cyber security legislation.

Alan Calder, founder and executive chairman of IT Governance, explains: “The information security standard, ISO27001, provides a best-practice approach to addressing an organisation’s information security and data protection obligations. Its comprehensive approach can centralise and simplify disjointed compliance efforts, making it easier for organisations to comply with the GDPR and NIS Directive.”

The EU Networking and Information Security (NIS) Directive and the General Data Protection Regulation (GDPR) are both expected to be finalised this year and enforced from 2017.

ISO27001 is increasing in popularity throughout Europe, with 7,950 organisations certificated to the standard in 2013, up 24% on 2012.

IT Governance has helped hundreds of organisations around the world to implement ISO27001 and comply with their data protection obligations.

IT Governance’s fixed-price ISO27001 Packaged Solutions provide implementation resources and online access to expert consultancy support, helping organisations throughout Europe to implement an information security management system (ISMS) compliant with the Standard at a speed and for a budget suitable to their needs.

top