Policy & Document Management

GDPR - EUIDPR: Many aspects of compliance with the GDPR and EUIDPR rely on a good governance model. This means that organisations have to set policies and train staff and contractors on those policies. The combination of policies and training will contribute to better data handling in the organisation. Under the GDPR and EUIDPR, this forms part of the material required to demonstrate compliance with the regulation and may be required by the Data Protection Supervisory Authorities (GDPR) or EDPS (EUIDPR) in case of an audit.

ISMS - PIMS: ISO 27001 requires a top-level information security policy (Clause 5.2) and usually involves several policies for the implementation of controls to modify risks. Clause 7.5 requires documented information to be retained in an adequate format.

Key features

Policy & Procedure Management

  • Dozens of built-in and easily editable IT policy templates;
  • The policies can be shared as training material;
  • After reading a policy, staff can acknowledge it with an electronic signature;

Contract Management

The GDPR requires that many contractual relationships are established between data-controllers and data-processors.

  • Management of data-processing agreements;
  • Management of non-disclosure agreements;
  • Management of additional contracts;
  • Attach documents to the supplier's file;

Record Retention Policies

The GDPR and EUIDPR require that data which is no longer required be either disposed of or anonymised. Our record retention policies will assist the organisation in setting the expected reference for data retention.

  • Comprehensive tagging with relevant lawful basis;
  • Ability to document relevant legislation;
  • All the record retention entries can be selected from the data processing activities;

Data Protection (Privacy) Statement Editor

  • Comprehensive editor to ensure the key aspects required under Articles 13 and 14 of the GDPR are included;
  • Friendly responsive web front-end template;
  • The DPO can update the privacy statement in real-time with no need to involve the webmaster;

General document management features

  • Authoring of documents with a built-in on-line rich-text editor;
  • Classification of documents (in line with ISO 27001 requirements);
  • Handling of non-disclosure agreements;
  • Attach additional files of any format;
  • Folder creation: to easily sort and retrieve documents;
  • Set access rights on folders;
  • Audit trail of documentation viewed;
  • Document search engine;
  • Ability to export in Word/HTML/PDF;
  • Version control;
  • Encryption of documents at rest and in transit.

Supports
ISO 27001
ISO 27701
NIST
PCI/DSS
GDPR
EUIDPR
POPIA
...