return to research

Preparing for the General Data Protection Regulation

The ISF approach to GDPR compliance
Download the executive summary

The European Union’s General Data Protection Regulation (the GDPR) brings data protection legislation into line with new, previously unforeseen ways in which information is used today. It applies to most organisations handling European personal data, thereby unifying data protection law for all EU member states.

The ISF Approach provides a structured method for achieving sufficient levels of compliance with the GDPR requirements. It presents good practice for guiding a GDPR compliance programme, including practical actions, supported by insightful tips from leading organisations. It is supplemented with reusable templates to accelerate demonstrative compliance.

The GDPR Implementation Guide presents the ISF Approach in two phases:

  • Phase A | PREPARE by discovering personal data, determining compliance status and defining the scope of a GDPR compliance programme.
  • Phase B | IMPLEMENT the GDPR requirements to demonstrate sufficient levels of compliance by May 2018