Skip to the main content.

4 min read

Data Protection & CIS International Accreditation Standards

Data Protection & CIS International Accreditation Standards
KEY CHANGES WILL BE IMPLEMENTED THIS YEAR WITHIN CIS’ REVISED INTERNATIONAL ACCREDITATION PROTOCOL


Over the past year there have been significant developments to international data protection law. Many of our schools have been confused as to what this means or what they should be doing. Consequently, schools have been collaborating and problem-solving to overcome the uncertainties and determine how best to implement change within their organisations.

This blog sets out:

  • The reasons why CIS has decided to strengthen the protocol to include data protection
  • How you can join the CIS Special Interest Group for Data Protection and Cyber Security
  • What your school can do to evaluate its current position in being accreditation compliant through taking the 'Self-Assessment'
9ine Consulting - CIS Affiliate Consultant for Data Protection and Cyber Security

To strengthen professional support in data protection and cyber security for international schools around the world, 9ine Consulting have joined the Council of International Schools (CIS) as their Affiliated Consultant for Data Protection and Cyber Security. 

In partnering with 9ine, CIS will provide its accredited schools, including their students and families, with access to 9ine’s dedicated expertise as the leading provider of advice, support and guidance on data protection and cyber security for international schools.

Jane Larsson, Executive Director of CIS states:

“Changes to global data protection law have placed obligations on schools to improve how personal data and information is collected, stored, shared and secured. Therefore, specific standards related to data protection and child protection / safeguarding will be implemented this year within our revised International Accreditation protocol. Through the inclusion of new data protection standards within our protocol, all schools, no matter their location, will be asked to demonstrate evolving practice in the management of personal data and information. In partnership with 9ine through our affiliated consultant programme, resources to develop leading practice will be made available to CIS-Accredited schools, to help them evidence their accountability and alignment with our newly-revised standards.”

 
Supporting Revised CIS International Accreditation Protocol


9ine’s expertise in implementing international data protection law within education, has enabled a substantial global network of schools to demonstrate best practice and evidence compliance with the regulation (GDPR). In recognising the requirements to support best practices and comply with the GDPR, we have also supported schools with their obligations towards data governance and cyber security - the second and third key elements to the regulation, alongside data protection.

The revised International Accreditation protocol will reflect these elements, with greater expectations on school technology systems to provide enhanced management and operational functions, as well as requirements for schools to carry out regular system tests to ensure rigorous security. We will be discussing the revised International Accreditation protocol in relation to technology and cyber security in an upcoming blog. Watch this space! 

 

In helping schools to obtain accreditation, there are a number of training events and resources you can draw upon to support your development and alignment with the regulations for data protection and cyber security:

  • 9ine self-assessment tool developed for CIS accredited schools: As a resource, 9ine has developed a self-study Assessment Tool for CIS-Accredited schools to use. This free resource will enable CIS schools to evaluate themselves against a common framework, with access to further tools and resources to build capability and capacity to plan, achieve and exceed the protocol requirements. You can utilise the Tool to assess your alignment with data protection and cyber security related standards for CIS International Accreditation.  

  • Webinars: 9ine’s webinars, seminars, workshops and training summits,  will provide schools and regional associations with the professional advice and guidance needed to meet new accreditation requirements. Register below for 9ine and CIS' webinar on the 30th May discussing the revisions to International Accreditation.
  • Annual Subscription Service Supporting Accreditation: To further enable schools to meet CIS’ newly-revised accreditation requirements, 9ine’s DPO Essentials subscription service has been enhanced to include an automated data mapping tool to save time when it comes to recording your record of processing activities. The Quick start data mapping tool enables you to quickly and efficiently determine the lawful basis of processing for over 120 processing activities a school would undertake, the impact on privacy notices and and level of risk to the individual of you undertaking that processing activity.

    This subscription service is designed to aid, guide and provide evidence so Team Evaluators quickly and efficiently can determine accreditation compliance. It includes policies, processes and procedures, annual training for staff and board members, regular data protection reviews and an annual audit. If your school board needs the confidence of compliance with data protection and cyber security accreditation compliance, this subscription service is a must for your school. Get in touch to find out more about 9ine's International Accreditation Essentials.
  • CIS Data Protection Group: To enable a continuous improvement, we are creating a special interest group to better understand the specific support schools need, and to develop together with our Affiliated Consultants, the tools and resources to obtain accreditation. Through continued dialogue with educators as part of the CIS Data Protection Special Interest Group, the self-assessment and associated resources will be continually updated to support accreditation compliance for international schools. You can request more information on joining the special interest group when downloading the 'Self-Assessment' tool.
 
Safeguarding & Child Protection


The inclusion of enhanced safeguarding and child protection standards within CIS’ revised International Accreditation protocol continues CIS’s dedicated approach to the criticality of well-being in schools. Mark Orchison, Managing Director of 9ine, believes these changes are an important step for international schools to enhance their understanding of child protection concerns and embed leading practice within their well-being support structures. An upcoming blog will discuss in more detail the revisions to the protocol in relation to child protection and what this means for your school. 

 

Katie Rigg, CIS’ International Advisor for Student Well-being explains: 

“Safeguarding and child protection are at the heart of CIS’ work – ensuring that our accreditation process enables our members to keep children safe is an essential part of this work. As Chair of the International Taskforce on Child Protection, Jane Larsson helped to create key Safeguarding Standards which we subsequently incorporated into our accreditation protocol. In the next version of our protocol we move beyond these standards, supporting our members to tackle key issues such as peer-on-peer abuse and online harm, and to strengthen areas such as safeguarding governance and the curriculum.”

Supporting international schools on their journey to CIS International Accreditation for safeguarding and child protection, 9ine’s Child Protection Technology Evaluation supports schools to understand whether their IT systems, configuration, policies, processes and procedures will align with accreditation standards. Technology systems are an important component to determine risk, providing data and information that can lead to early intervention for supporting the well-being of students and staff. 

 
Enabling your School to implement and meet CIS International Accreditation Standards


Worried about what the revisions to the protocol mean for your school? For a complimentary data protection and cyber security review for your school to evaluate its alignment with CIS International Accreditation standards:

 

NCSC Alert: Education Targeted by Ransomware Attacks

NCSC Alert: Education Targeted by Ransomware Attacks

The National Centre for Cyber Security recently published an alert for those responsible for IT and Data Protection in education. The alert brings to...

Read More
Enhancing Data Protection Governance: Roles & Responsibilities

Enhancing Data Protection Governance: Roles & Responsibilities

A core part of data privacy and protection compliance is about demonstrating accountability. This includes the ability to evidence management...

Read More
[COVID-19 UPDATE] Supporting School Business Continuity

[COVID-19 UPDATE] Supporting School Business Continuity

School IT systems are like buildings. If you are constructing a building from the ground up you would develop plans, specifications, an operations...

Read More