About this guide:
Ever since it was announced that the General Data Protection Regulation (GDPR) would take effect on May 25, 2018, globally-minded organizations have been scrambling for solutions to meet its prescriptive (yet interpretive) requirements. The expectation that organizations should adopt strong security and privacyrelated measures comes at a critical juncture in time, where data breaches and privacy concern s continue to abound each and every day. While cloud-based information system architectures have significantly improved organizational performance and efficiency, there are specific risks that organizations should consider when determining a strategy to help ensure that sensitive information is protected. One such solution includes incorporating the privacy control considerations to an organization’s information security management system (ISMS) as defined by ISO/IEC 27018:2014 (henceforth ISO 27018).