RESOURCE ARTICLE

Bridging ISO 27001 to GDPR

This white paper analyzes the IAPP and OneTrust's mapping of ISO 27001 to the GDPR.


Published: 24 March 2018


The IAPP and OneTrust have undertaken the task of mapping the most common security operations standard, ISO 27001, to the world’s most influential piece of privacy legislation, the GDPR, to create a framework for understanding how closely they align and how much of the work toward GDPR compliance security has likely already done.

With this research project, we have identified six main areas of common ground that should help every organization align their security and privacy operations in a way that will create efficiencies and, hopefully, reduce the risk of a damaging incident while increasing productivity and customer trust.


This content is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.


Contributors:

J. Trevor Hughes

President and CEO, IAPP

CIPP


Tags:

Program management, U.S. federal regulation, GDPR, Cybersecurity law, Privacy