A paper presented at ACIS 2020, written as a collaboration between UTS and Data Zoo
The protection of information assets requires an interdisciplinary approach and cross-functional capabilities. In recent times, information security and privacy compliance continues to be a complicated task due to increasing regulatory restrictions, changing legislation and public awareness. The newly published information security and privacy standard ISO/IEC 27701:2019 provides support for organisations looking to put in place systems to support compliance with global data privacy requirements. However, little is known about how this standard maps to other regulatory requirements in different jurisdictions, specifically the globally relevant General Data Protection Regulation (GDPR). Hence, this research aims to answer an important research question: whether and how does the ISO/IEC 27701:2019 framework represent an opportunity for GDPR compliance?
This research provides a review and mapping of ISO/IEC 27701:2019 and GDPR by using an integrated requirement engineering model as a kernel theory. The results of this research will assist organisations considering how to meet their compliance needs. It will also help academics and practitioners interested in integrating ISO/IEC 27701:2019 and GDPR to develop relevant compliance frameworks and tools.
Memoona Javeria Anwar
Head of Compliance & Digital Strategy
Asif Qumer Gill
The University of Technology Sydney