Implementation of ISO 27001 Standards as GDPR Compliance Facilitator

摘要

Personal Data Protection has been among the most discussed topics lately and a reason for great concern among organizations. The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years. The regulation will fundamentally reshape the way in which data is handled across every sector. The organizations had two years to implement it. As referred by many authors, the implementation of the regulation has not been an easy task for companies. The question we aim to answer in this study is how far the implementation of ISO 27001 standards might represent a facilitating factor to organizations for an easier compliance with the regulation. In order to answer this question, several websites (mostly of consulting companies) were analyzed, and the aspects considered as facilitating are listed in this paper.