GDPR Controls

Good Afternoon,

I was asked to look into GDPR Controls that need to be assessed to prove compliance. I have spent most of the past two days looking for information. I downloaded all 265 pages of GDPR goodness, but there is nothing mentioned on controls. I am familiar with NIST.SP.800-171 and other NIST guidelines.

Is anyone familiar with an equivalent guide that has been published that performs a role like NIST.SP.800-171 or NIST.SP.800-53? I was on the ENISA website and I was kinda surprised by the lack of technical documentation.

Any assistance is greatly appreciated.

TIA

Find more posts tagged with

Comments

JDMurray

Yep, I've got to look in to detecting information transfer and disclosure that may violate GDPR too. Seems like DLP and email security systems are the best controls that are already in-place for filtering complex, human-oriented information.

General Data Protection Regulation - Wikipedia

GDPR Portal

And, of course, whatever you need to know is on YouTube: https://www.youtube.com/results?search_query=GDPR