Practice development

STEP 12 – the Technical and Organisation Security Measures (TOSM)

For me, this is the most daunting part of the compliance process. Definitely outside my comfort zone. Still work to do here I have to confess that I am unlikely to have this completed for the 25th deadline. I am in conversation with IT support contractors I use and everyone seems to have a different… Continue reading STEP 12 – the Technical and Organisation Security Measures (TOSM)

Practice development

STEP 8 – Security Awareness Log

Step 8 of our workbook records that your staff have read and acknowledged their responsibilities under the GDPR by reading your practice Information Security Policy. What is an Information Security Policy? We have published a guide “Information Security Policy” on our support portal, the Supporting Documents section. The introduction to this document says: This Information… Continue reading STEP 8 – Security Awareness Log

Landmark updates

GDPR – the real threat to professional firms

This is an article I wrote for ACCA’s In Practice publication, (to be included in the April 2018 edition). The real threat of GDPR non-compliance is loss of business With just under two months to the 25 May 2018, the GDPR compliance deadline, I suggest that practitioners who have not yet tackled the thorny issues… Continue reading GDPR – the real threat to professional firms