Data protection management
The ISO 10012 standard helps organisations implement processes to ensure personal data is managed correctly.
Processors and controllers as per Article 24 of the EU General Data Protection Regulation can use this certification to demonstrate their competence in handling personal data.
How this certification will benefit you
-
1
The certification makes it easier to participate in tendering processes.
-
2
It provides independent proof that your data protection management system is working effectively.
-
3
It helps you identify risks and avoid the related dangers.
-
4
A certification also protects and backs up your organisation's reputation.
-
5
Certifications strengthen stakeholder trust in your organisation.
Certifying your management system in accordance with ISO 10012
You define the scope of your management system (for example, sites or divisions) and submit an application for the ISO 10012 certification.
The certification body uses your application as the basis for assessing the professional requirements and your organisation's readiness for the certification audit.
A comprehensive on-site audit is conducted to assess your management system's effectiveness and the extent to which you are implementing the requirements contained in the standard.
The certificate is issued following the successful completion of steps 2 and 3.
Your certificate is maintained on the basis of an annual monitoring audit.
A recertification audit is conducted every three years to verify the ongoing quality of your management system in line with the applicable standards.
Please see the certification scheme (only in German) for further information on content and the examination and assessment process.
GDPR monitoring body
Many companies find that implementing the GDPR poses unresolved questions and legal uncertainties. Trade associations representing specific categories of controllers or processors can address this by drafting codes of conduct in accordance with Article 40 GDPR and having these approved by the Data Protection Authority (DSB). Obligatory monitoring of the codes of conduct is an essential aspect.
Austrian Standards acts as a monitoring body in the context of Article 41 GDPR on behalf of the competent professional associations of the Austrian Economic Chamber (WKÖ) and is accredited by the Data Protection Authority.
Want to find out more about the certification?
Please send us your contact details – we'd be happy to assist you!