GoodPriv@cy - Information Protection

> Achieving Recognition

Preparation to acquire the GoodPriv@cy label

  1. Identify the data protection and privacy (DPP) relevant objects, legal and other related requirements
  2. Determine the processes involved and evaluate the relative risks
  3. Establish the DPP policy
  4. Set objectives and implement measures for compliance and further development of DPP
  5. Implement the organization and assign the DPP tasks and responsibilities
  6. Build DPP awareness and competency
  7. Provide accurate processes (to integrate with existing process management)
    a) monitoring and control of processes
    b) deviations and improvements
    c) internal and external communication
    d) documents and data control
    e) management system
  8. Conduct internal audits
  9. Review the results of the system for DPP and implement improvements
  10. Engage in an external certification audit with your IQNet partner