Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Objective: The objective of processing data protection incidents is to ensure that possible damage to the data subjects is limited and that a recurrence is prevented. In addition, the legally required documentation and, if necessary, timely reporting to the supervisory authority must be ensured.
Requirements (must): Data protection incidents (e.g. unauthorized access to personal data) are processed in a timely manner.
The requirements from 1.6 of the information security questionnaire also take into account data protection incidents or, alternatively, there is an emergency plan for dealing with data protection incidents.
In addition, procedures are established and documented to ensure the following aspects:
- immediate notification to the respective responsible person, as far as his order is affected
- Documentation of the incident handling activities
- Training of employees on the defined measures/processes
- Support of the respective controller in the processing of data protection incidents
Oh no! No description found. But not to worry. Read from Tasks below how to advance this topic.
Objective: The objective of processing data protection incidents is to ensure that possible damage to the data subjects is limited and that a recurrence is prevented. In addition, the legally required documentation and, if necessary, timely reporting to the supervisory authority must be ensured.
Requirements (must): Data protection incidents (e.g. unauthorized access to personal data) are processed in a timely manner.
The requirements from 1.6 of the information security questionnaire also take into account data protection incidents or, alternatively, there is an emergency plan for dealing with data protection incidents.
In addition, procedures are established and documented to ensure the following aspects:
- immediate notification to the respective responsible person, as far as his order is affected
- Documentation of the incident handling activities
- Training of employees on the defined measures/processes
- Support of the respective controller in the processing of data protection incidents
In Cyberday, requirements and controls are mapped to universal tasks. A set of tasks in the same topic create a Policy, such as this one.
In Cyberday, requirements and controls are mapped to universal tasks. Each requirement is fulfilled with one or multiple tasks.
When building an ISMS, it's important to understand the different levels of information hierarchy. Here's how Cyberday is structured.
Sets the overall compliance standard or regulation your organization needs to follow.
.svg)
.svg)
.svg)
Break down the framework into specific obligations that must be met.
.svg)
Concrete actions and activities your team carries out to satisfy each requirement.
Documented rules and practices that are created and maintained as a result of completing tasks.
