The French data protection regulator (CNIL) has issued a practice guide to the security of data. It is a detailed document, which covers (amongst other things) sections relating to:
- training staff, access management and authenticating users
- securing information technology and equipment
- preparing for a data incident
- securing transfers, data processors and deletion of data
- risk analysis, AI, apps and encryption
For those in search of a guide on what practical measures can be taken to increase information security compliance, this is definitely worth a look.
The guide can be found here.