Reading time: ~ 2 min.
Data protection between EU and Switzerland: the GRC Data Protection approach on GDPR and LPD-DSG-LPD (FDA)
GRC and Data Protection: what about the approach in Switzerland? We already told you about the new Federal Data Protection Act (also known as LPD) that was enacted in Switzerland in our previous post. Today we are getting back on this topic considering one big challenge for the Swiss companies: the GRC and data protection between European Union and Switzerland.
Many organizations in Switzerland will face a double challenge. They have to manage compliance with the requirements of the LPD and, at the same time, with GDPR too. This one - as known - applies also to the EU citizens personal data processing carried out outside of the EU.
Many Swiss companies have to find a solution that could be suitable for both the contexts. How to manage compliance with the requirements of the LPD and the GDPR in an integrated way?
GRC and Data Protection: what about the approach in Switzerland?
We already told you about the new Federal Data Protection Act (also known as LPD) that was enacted in Switzerland in our previous post. Today we are getting back on this topic considering one big challenge for the Swiss companies: the GRC and data protection between European Union and Switzerland.
Many organizations in Switzerland will face a double challenge. They have to manage compliance with the requirements of the LPD and, at the same time, with GDPR too. This one - as known - applies also to the EU citizens personal data processing carried out outside of the EU.
Many Swiss companies have to find a solution that could be suitable for both the contexts.
How to manage compliance with the requirements of the LPD and the GDPR in an integrated way?
The adoption of a common GRC approach (Governance, Risk Management, Compliance) based on the main ISO standards can be of great help.
This can be the right choice with particular reference to the following standards:
- Risk management according to ISO 31000
- Privacy Impact Assesment on ISO 29134
- Compliance management (ISO 37301)
- Information security management system (ISO 27001)
- Business continuity management system (ISO 22301)
- IT Service Management System (ISO 20000-1).
Due to this high relevance for a lot of companies, we will have a special focus on topic with a dedicated class.
ITSMF and MGS will have a partnership on the next class about GRC and Data protection between EU and Switzerland.
We will held this class on 6th and 7th October: but you will get more info about during the next weeks.
