
Privacy Goes Beyond Digital and Email

GDPR Discovery Review December, 19

In a digital world where we’re constantly reminded to look after our personal data, it’s easy to forget about privacy leaks in the real world.

The following tale might spark some concerns among businesses, and it may even remind you of something that you’ve witnessed yourself.


GDPR Just got Updated – Please Introduce Yourself to Some new BS and ISOs!

GDPR Discovery Review September, 19

So, just when you thought the GDPR was all done and dusted, you hear that interminable phrase, “there’s a new ISO standard we need to conform with”.

Your heart sinks.

Your blood pressure rises.

Surely, all that hard work you put into complying with the GDPR was enough for now?

No, but there’s nothing to worry about, because this is your no-nonsense, jargon-free(ish) guide to ISO27701.


12 Reasons Why an IT Provider Doesn’t ‘do’ your GDPR for you

GDPR Critical Friend, GDPR Discovery Review August, 19

Representing the biggest change to data protection laws since 1998, the General Data Protection Regulation (GDPR) forced businesses big and small to evaluate how they were collecting, storing and processing personal data.

Depending on your systems and processes, complying with the GDPR isn’t quite as burdensome as some would have you believe, but it has led to some rather worrying assumptions.

The most common we hear at conferences and when speaking to customers goes along the lines of, “oh, the GDPR? Yeah – our IT provider takes care of all that”.

If that’s a phrase you’ve uttered yourself, here are twelve reasons why your IT provider isn’t taking care of your GDPR compliance.

Risk Evolves reflections and predictions for 2019

Business Process and Standards, Cyber Security, Enterprise Risk Management, GDPR Critical Friend, GDPR Discovery Review, Supply Chain January, 19

Well, it’s that time of the year when we reflect on what happened in the previous 12 months and polish the Risk Evolves crystal ball to see whether we can predict what may happen in the future.

2018 was the year that saw the biggest change in data protection legislation and regulation in a generation, as the General Data Protection Regulation and UK Data Protection Act (2018) were introduced. At the same time, we saw an increase in phishing emails and in businesses succumbing to hacks and data breaches, which the GDPR is trying to protect against!


Manage your Supply Chain – ‘No man is an island?’

Business Process and Standards, Cyber Essentials, Enterprise Risk Management, GDPR Discovery Review, Supply Chain August, 18

I don’t believe that any one of us working in any type of organisation, regardless of whether you’re a small business, a charity, a school or even a sole trader, can operate today without the products or services of a 3rd party provider. We may well have chosen to outsource our accountancy, HR, IT and compliance management requirements. Equally, our clients outsource to us, e.g. audit requirements, Data Protection Officer and so on. Our clients all have a dependency on us to deliver services. Here at Risk Evolves – we’re no different. We’re great examples of the fact that very few, if any, organisations can operate without the support of a 3rd party. A 3rd party could be providing IT, critical resource, logistics support, payroll services, catering, cleaning etc. And yet, how many of us step back and analyse exactly what we would do if one of those third parties wasn’t available one day? What would happen if they were to suffer a flood to their premises so that they couldn’t operate, if they were to go out of business, cease to provide the service that we are reliant on, be acquired by another organisation – the list goes on.