GDPR is an EU regulation on data protection and privacy in the EU that also addresses the transfer of that data outside the EU.
We have helped organisations understand their requirements under GDPR, document those requirements and then implement software and controls to enforce them.
Our engineers understand that developing secure software is a primary requirement for our clients and for us as a business. They all receive training on common sources of errors in the technologies that we use.
Our QA process specifically includes a final code review undertaken by a principal engineer, whose job it is to find security issues.
We make use of external security consultants who will "penetration test" our systems in order to verify, as an impartial party, the security of the software.
We recommend performing this testing on initial delivery of the software, during any large upgrades and then on a frequent ongoing basis.
ISO/IEC 27001 specifies a management system that is intended to bring information security under management control and gives specific requirements.
At Abstract Leap, we have experience of enabling our clients to achieve certification and have operated systems inside an ISO27001 audited environment.