Act no. 428/2002 Coll. on personal data protection says, “personal data safety shall be the responsibility of the information system operator who shall protect it from theft, loss, damage, unauthorized access, modification, or disclosing. For this purpose the operator shall take reasonable technical, organizational and personnel measures corresponding to the way of processing and must elaborate an IS security project“.
Act no. 428/2002 was amended in 2005 and some of its basic provisions were changed, including those related to security projects and security guidelines. For this reason, it was necessary to rework security projects elaborated prior to that year. Our company offers the possibility to verify your security project from both a legislation perspective and a compliance perspective with your existing IT infrastructure.
The audit consists of two parts:
• Audit of the compliance with the latest amendment of the Personal Data Protection Act (legislative audit)
• Extending the legislative audit with the audit of the compliance with the existing IT infrastructure (pursuant to the ISO 27001 standard)
The audit we perform will not only verify your security project and guidelines, but it will also determine the right path for building information security in your company.