"Changes to global data protection law have placed obligations on schools to improve how personal data and information is collected, stored, shared and secured. Therefore, specific standards related to data protection and child protection / safeguarding will be implemented this year within our CIS International Accreditation Protocol. Through the inclusion of new data protection standards within our protocol, all schools, no matter their location, will be asked to demonstrate evolving practice in the management of personal data and information. In partnership with 9ine through our affiliated consultant programme, resources to develop leading practice will support CIS-Accredited schools and help them to evidence their accountability and alignment with our newly-revised standards.
- Jane Larsson, Executive Director, CIS
9ine are proud to engage with the Council of International Schools (CIS) to provide expertise related to data protection and cyber security to the CIS membership community. Being the Affiliated Consultant for data protection and cyber security will enable us to work collaboratively with CIS in shaping international education to meet the changing global landscape for data protection.
In linking together the CIS International Accreditation Protocol, domains and criteria, we have created a Self-Assessment Tool for schools to use in evaluating their progress against the protocol for each of the preparatory evaluation, team evaluation and future aspiration stages. The tool provides a standard mechanism for which Team Evaluators can review evidence against the protocol, therefore enabling the accreditation process to be consistent across CIS-Accredited schools.
By completing the self-assessment now, your school will determine the steps that need to be taken to meet and exceed the accreditation standards related to data protection, cyber security and technology for managing safeguarding / child protection at each phase. Through a continued dialogue with educators involved in the CIS Data Protection Special Interest Group (see below), the Self-Assessment Tool and associated resources will continually be updated to best support international schools to improve in these areas within the CIS International Accreditation framework.
Data protection law is constantly evolving to be continually relevant as technology, working practice and challenges to the privacy rights of natural persons develops over time. This means that whilst accreditation protocol covering the complex area of data protection may currently be sufficient, over time this may need to adapt and change. The CIS Special Interest Group (SIG) will be formed with two layers - a Core Group and Regional Representatives. The Core Group will meet regularly to direct the development and delivery of resources for CIS-Accredited schools. The Regional Representatives will be regionally located and will provide in-country updates on the current concerns, needs and developments. This group will be supported by 9ine, whose in-house team will advise and guide as required. Any CIS-Accredited may apply to join the SIG. You can do so by selecting the relevant option when registering for the Self-Assessment.
In making use of the Self-Assessment Tool, CIS-Accredited schools will be able to keep up-to-date with practices relating to data protection, cyber security and safeguarding / child protection by accessing resources that include webinars, workshops and events which will support in achieving CIS Accreditation standards.
Current events planned include:
9ine's DPO Essentials is an annual subscription service providing training and resources to develop and advance your school’s Data Protection Office. DPO Essentials has been updated to include an optional module to align with the CIS International Accreditation protocol. The enhanced and targeted service starts with your Self-Assessment, then focusses on the areas where your school is struggling.
The service also includes an advanced database for you to quickly record the data processing activities your school undertakes, then evaluate the lawful basis, risks and actions you need to take to evidence meeting accreditation standards. The accreditation version of DPO Essentials provides an annual service plan which includes onsite school training for new starters and board members, an annual audit and an information rights / breach management support service.
9ine's Cyber Defence Essentials service provides schools seeking to achieve CIS Accreditation in Domain B and G, with the analysis, support and auditing required for Team Evaluation. With a range of options, including a technical assessment, through to cyber penetration testing and susceptibility testing via simulated phishing of all school users, the service provides you with the confidence to evidence CIS Accreditation.
For more information on registering for your CIS Self-Assessment Tool, applying for the SIG, or training plans, click below:
Questions or queries related to the inclusion of data protection standards within the CIS International Accreditation protocol can be submitted when requesting the Self-Assessment Tool. These will be collated, reviewed and published to those who are using the tool, as well as through the relevant CIS communication channels.