BC 5701 certification: where do you start?

You may be looking into BC 5701 certification and wondering where you can start. In this article we would like to inform you about what a BC 5701 certification process starts with and provide you with guidance that can help you get started. The first step towards BC 5701 certification is:

Defining the so-called ‘object of certification’.

In other words, determining the processing operations you want to certify. This crucial step in the certification process requires clarity, precision and completeness. By determining the object of certification, you take the first step towards GDPR certification.

The importance

Defining the object of certification for the BC 5701 certification will enable your organization to provide a clear and complete picture of the activities to be certified. It increases transparency and understanding among stakeholders, minimizes confusion and thus helps achieve certifications in accordance with BC 5701.

Clarity and accuracy are the key words when formulating the object of certification. Make sure your descriptions are clear and understandable for everyone involved.

Step-by-step plan to determine the object of certification

Below we outline a number of steps that can support you in achieving a clearly defined object of certification:

Document the context

Start by documenting the context in which BC 5701 is applied. This includes both internal and external factors that impact your organization and its ability to comply with regulations and standards.

Provide insight

Ensure that all stakeholders, including the supervisory authority and the certification body, can gain a clear understanding of the context of the processing operations.

Management approval

The description of the internal and external context must be demonstrably approved by the management of your organization.

Define processing purposes

Clearly record the independent processing purposes to which this standard applies. Make sure that the description is understandable and meaningful to the target group and is not misleading.

Emphasize details

All details regarding the object of certification that may be relevant to the target group, such as use of technologies, suitability for specific target groups and compliance with laws and regulations, must be clearly stated.

Determine the boundaries

It is important to determine and record the boundaries of the object of certification. Provide insight into the boundaries with regard to the process steps in the processing chain, parties involved, functional applications and resources for support.

Use the above steps as a guide and record all relevant information in a structured and documented manner.

Good luck with the first step towards BC 5701 certification!