The International Organization for Standardization ("ISO") has released the world's first international standard to help organizations manage privacy information and meet regulatory requirements.
The ISO 27701 certification for Privacy Information Management Systems ("PIMS") provides its requirements regarding privacy, including GDPR, building on ISO/IEC 27001, by providing necessary extra provisions. It deals with employee awareness programs, risk assessment and documentation and applies to businesses of all sizes and types.
Businesses who wish to improve their cyber security ability should be aware of a document issued by the government of Canada called "Baselines cyber security controls for small and medium organizations".
The overview of the document states:
"This document presents the Canadian Centre for Cyber Security baseline cyber security controls wherein we attempt to apply the 80/20 rule (achieve 80% of...