BS 10012 Overview

A Personal Information Management System (PIMS) is a set of organisational processes that demonstrate an organisation's control over the overall lifecycle and security of collected personal information.

The British Standard BS 10012 is aimed at providing organisations with a roadmap for managing personal information. The standard has several references to GDPR. Although the standard is designed with the aim of providing a specification for certification, it is used by the organisation to fulfill any ‘personal’ information.

We have a proven methodology to fulfill and implement BS 10012 / Personal Information Management System. After we have identified whether an organisation is a controller and/or a processor, we guide the organisation through a step-by-step process of determining the applicable requirements and take it through a journey that has the following broad phases:

Our BS 10012 Consulting Methodology has the following broad phases
We bring our world-class experience in delivering PIMS BS 10012 implementation leading to successful certification.

PHASE I – Information flow assessment

This phase involves identification of the information sources and their processing infrastructure, which involves personnel, technology and physical infrastructure.

PHASE II – Gap Analysis

This phase involves performing a privacy impact assessment and a security risk assessment to determine security and legal loopholes. Identified gaps are provided with detailed recommendations.

PHASE III – Control Design and documentation

This phase applies our methodology for distributing security responsibility to internal stakeholders, with control policies and transactions that ensure that the PIMS is well embedded in the organisation's processes. It also includes nominating a data protection officer and creating a data protection office for the organisation. In a typical engagement, the organisation receives 25+ policies and procedures.

PHASE IV – Tracking

This phase involves tracking the client's risks and documentation on a weekly basis until all internal controls are adequately implemented.

PHASE V – Performance Tracking

This phase involves showing the client the changes in a given period by providing a change-specific compliance score between 0 and 100%.

PHASE VI – Internal Audit

This phase involves verifying that the governance system created for the organisation is well in place and ready to be declared PIMS compliant.

At this stage, the client has implemented the governance system in its entirety.