Quantar is able to assist your organization with both the initial implementation of a GDPR compliance program and the follow-on activities to ensure compliance is maintained in the face of severe penalties for failures.
Our approach to a GDPR project may differ from other suppliers in that we are able to offer ISO/IEC 27001:2013 auditing, as well as a unique cyber threat valuation service allied to your primary program. The GDPR explicitly refers to the use of certified standards, such as ISO/IEC 27001, as a means of providing evidence of GDPR compliance. However, in many cases, GDPR practitioners are not able to ensure that an implemented ISO 27001 information management system does in fact lead to such compliance.
We are certified both as GDPR Practitioners and as ISO 27001:2013 Lead Auditors, and can thus ensure that the ISO or other standards or codes of conduct you intend to use are suitable for the intended purpose of compliance. In some circumstances, the requirements for ISO 27001 certification under the mandated obligations within Appendix A can unintentionally lead to data that, uncontrolled, would lead to a GDPR breach.