Summarizing PDPSI-GDPR

Referring to all the articles on PDPSI-GDPR, the framework if it can be called so is suggested as a methodology for data auditors to adopt for conducting data audits. Most of the data audits are management decisions and for an assurance that appropriate measures are in place for compliance.

The Standards and Certifications are not to give any false impression to the regulatory authorities that they are in compliance. While the CISO can satisfy the Board that the Certifications indicate everything is fine, the owners of any business are always vary of the risks that persist despite the certifications. Hence any methodology which is robust and provides a better assurance should be preferred rather than whether it is certified by any particular standard.

PDPSI is a framework for Personal Data Protection and as a Standard that emanates from India, it is applicable for compliance of PDPA as per its initial design. However the same framework as an extension such as PDPSI-GDPR can satisfy the BS10012 and its clone ISO27701. Similarly PDPSI-CCPA can satisfy the CCPA or PDPSI-SGPDPA can satisfy Singapore PDPA or PDPSI-DIFCDPL2020 can satisfy the Dubai data protection law of 2020 etc.

The “Pseudonymization Gateway”, the “Classification tagging of Personal Data”, “Distributed Responsibility Structure for data protection” and “Measurability of compliance maturity” are innovations which can add value to the audit process and the assurance to the management more than what the other standards can provide.

Cyber Law College/Naavi are willing to share more insights to auditors to adopt to this framework.


Reference Articles:

What is Pseudonymization Gateway

Governance and Implementation Structure under PDPSI-GDPR


PDPSI-GDPR the replacement for ISO27701

Also refer

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.