EU GDPR Security & Privacy By Design

$4,200.00

Description

With the European Union General Data Protection Regulation (EU GDPR), companies doing business with citizens of the European Union have an obligation to demonstrate they implement both Security by Design (SbD) and Privacy by Design (PbD). Unfortunately, most businesses lack the knowledge and experience to undertake such documentation efforts. That means businesses are forced to either outsource the work to expensive consultants or ignore the requirement and hope they do not get in trouble for being non-compliant. Neither situation is a good place to be. The good news is that ComplianceForge.com developed a viable cybersecurity and privacy program that is based on NIST 800-160 guidance for security by design and OASIS for privacy by design. This document is capable of scaling for any sized company. Cybersecurity and privacy do not need to be hard. The Security & Privacy By Design (SPBD) document is meant to simplify how security and privacy can be operationalized in a "paint by numbers" approach.

The SPBD addresses the "how" questions: how your company ensures both security and privacy principles are operationalized.

This is an editable Microsoft Word document that provides program-level guidance that directly supports the WISP and DSP policies and standards for ensuring secure engineering and privacy principles are operationalized on a daily basis.

The concept of secure engineering is mandatory in numerous statutory, regulatory and contractual requirements. The SPBD provides a "paint by numbers" approach to ensure your company has evidence of both due care and due diligence for operationalizing security and privacy principles.

The SPBD is based on numerous frameworks, but the core is NIST 800-160, which is the de facto standard on secure engineering.

The SPBD is an editable Microsoft Word document that provides program-level guidance that directly supports your company’s policies and standards for ensuring secure engineering and privacy principles are operationalized.

The SPBD can serve as a foundational element in your organization’s privacy program. It can stand alone or be paired with other specialized products we offer.

Cybersecurity and privacy do not need to be hard. The Security & Privacy By Design (SPBD) document is meant to simplify how security and privacy can be operationalized in a “paint by numbers” approach. This product is comprised of editable Microsoft Word and Excel documentation so you can customize it for your specific needs.

Please keep in mind that security & privacy engineering principles are widely expected activities:

  • European Union General Data Protection Regulation (EU GDPR)
  • NIST 800-53
  • NIST Cybersecurity Framework
  • ISO 27002
  • Defense Federal Acquisition Regulations Supplement (DFARS) 252.204-7012 (NIST 800-171)
  • Federal Acquisition Regulations (FAR) 52.204-21 – 4
  • National Industrial Security Program Operating Manual (NISPOM)
  • SOC2
  • New York State Department of Financial Services (DFS)
  • Payment Card Industry Data Protection Standard (PCI DSS)
  • Center for Internet Security Critical Security Controls (CIS CSC)
  • Generally Accepted Privacy Principles (GAPP)