ISM’s blog discusses the Practitioner’s Certificate in Information Risk Management (PCIRM), who it’s for, what you can learn, how to prepare, and more.
The General Data Protection Regulation (GDPR) provides data subjects in the UK and EU with a right to access their personal data and, to exercise this right, they can make a data subject access request (DSAR) of any controller that processes their data. However, while ‘I want to see my data’ might sound like a very simple request, the regulatory caveats around what data you must and must not provide, and the timeframe in which you must provide it, mean such requests can be more complex than they initially seem.
Read URM’s blog on our educational website, informationsecuritymanagement.com, in which we explain how you can recognise a DSAR, who is responsible for managing them, how to respond to one, and more.
The Payment Card Industry Data Security Standard (PCI DSS), sometimes shortened to PCI, is an international security standard comprised of a set of controls. These controls must be applied to technologies, security policies, and ongoing processes to protect payment systems …
Maintaining information security is of vital importance for any organisation, particularly those that handle personal or sensitive data. Data breaches can have a huge, negative impact on the reputation of an organisation, and, if an organisation is found to be …
Under the Payment Card Industry Data Security Standard (PCI DSS), merchants and service providers are subject to different requirements and have different responsibilities. While merchants will usually know they are merchants, having come to a merchant agreement with a payment …