Data Protection Systems
assurance, certification, services, solutions and training

Governance, management and controls for AI and data protection regulatory compliance.

Contact us

Our Mission.

Helping enterprises to demonstrate compliance.

Under Articles 42 and 43 of the GDPR, certification refers to third-party attestation related to processing operations by controllers and processors. Our organization creates certification criteria to evaluate conformity for approval by European supervisory authorities. These criteria are used to assess independently whether an enterprise’s object of certification meets the specified requirements of the GDPR. Enterprises can avail themselves of training and self-audit assistance to gain a better understanding of the certification criteria, implementation requirements, and the evidence necessary to demonstrate conformity.

Contact Us

Our Services.

Governance, Management, Control.

Artificial Intelligence

AI is a transformative technology with applications in office productivity, manufacturing, transportation, medicine, and many other areas. Good governance, management, and operational control can optimize the benefits for individuals, businesses, governments, communities, and society.

Data Protection

The processing of personal data significantly increases the obligations and responsibilities of enterprises in how they collect, use, and dispose of personal data. Enterprises are required to be able to demonstrate accountability for their data processing activities and compliance with legal obligations.

Information and Technology

Achieve agreed-upon enterprise objectives for information and technology, through the evaluation of stakeholder needs, conditions, and expectations, prioritising and making decisions, optimising risk management, setting direction, and monitoring performance, compliance, and value creation.

Advisory Service.

Our Approach.

Advisory Service.

Approved certification criteria enable us to confidently advise on best practices for compliance with statutory and contractual obligations.

Assurance Service.

Assurance.

Assurance Service.

As the owner of approved certification criteria, our assurance service has a reliable basis for assessing conformity and providing assurance that controllers and processors are capable of fulfilling their statutory and contractual obligations. Certification criteria are reviewed and approved by supervisory authorities and the EDPB to ensure the requirements for conformance will ensure a consist application of the applicable regulations.

Book a Consultation

Knowing about Governance, Management and Control is Good. Better still, get Certified!

Good Governance, Management and Control done Right

Assurance

Online auditing of the governance. management and control practices for artificial intelligence systems, data protection obligations and the use of information and technology.

Services

Artificial intelligence, data protection and data governance services.

Solutions

Solutions to support the governance, management and control of artificial intelligence system, data protection obligations and the use of information and technology.

Education

Online courses and virtual classroom training for the governance, management and control of artificial intelligence systems, data protection obligations, and information and technology.

Details: Data Protection Systems; Certification Criteria; 15 August 2023

Scheme for Personal Data Breaches

This certification scheme is developed to assess compliance with the requirements of the General Data Protection Regulation to implement a data breach management process and respond to a personal data breach promptly.

Personal Data Breach Management

The General Data Protection Regulation (GDPR) introduced the requirement for a personal data breach to be notified to the competent national supervisory authority (or in the case of a cross-border breach, to the lead authority) and, in certain cases, to communicate the breach to the individuals whose personal data have been affected by the breach.

This certification scheme targets the personal data breach management process performed by data controllers and processors and includes all personal data breach management activities. It applies to controllers and processors with processing operations located in the Union and those of processors outside the Union engaged by controllers located in the Union and covers:

implementation of technical and organisational measures that can effectively limit the likelihood and severity of a personal data breach
all personal data breach notification obligations and related measures, and
introducing additional security measures or correcting failures or deficiencies in the security measures already implemented.

.