GDPR GAP ANALYSIS

Small Organisation GAP Analysis

Introduction

The implementation date for GDPR (25/5/18) has now passed. If you are worried about your compliance position, you need our GDPR GAP analysis report.

Our data protection consultants will assess your organisation’s privacy management and data protection practices through an on-site review of the following:

  • Your Data Protection Governance & Processes
  • Your Risk management approach & appetite for Risk
  • Your GDPR project resourcing
  • Your position with respect to a Data Protection Officer (DPO)
  • Your organisational Roles and Responsibilities
  • Your Scope of compliance
  • Your Personal Information Data Processes
  • Your Personal Information Management System (PIMS) – if applicable
  • Your Information Security Management System (ISMS) & processes
  • Your Rights of Data Subjects & processes

The result is a GDPR Compliance report. This will enable you to evaluate your position and what you need to do next to move towards GDPR compliance.

Why choose us?

  • Our consultants are qualified and have an in-depth understanding of the GDPR's requirements and how they should be met pragmatically.
  • We can provide a complete compliance support service to help organisations prepare for and adapt to the GDPR including:
    • Undertaking Data flow audits
    • Producing small organisation Gap analysis reports
    • Undertaking Data Protection Impact Assessments (DPIAs)
    • Delivering Bespoke transition services
  • Our team has extensive Data Protection and Information Security management project expertise including government network accreditation projects.

Data Protection Governance

We will review the Data Protection Governance procedures and practices operating within the organisation and compare them with the requirements of the GDPR.

Risk Management – Approach & Appetite

We will review and discuss the way in which your organisation manages risk and what the risk appetite is within the organisation.

GDPR Project Resourcing

We will review (if applicable) the resources currently allocated to the GDPR project and make recommendations accordingly.

Data Protection Officer

We will review any decisions taken regarding a Data Protection Officer and recommend whether or not a Data Protection Officer is appropriate. 

Organisation Roles & Responsibilities

We will review the organisational roles and responsibilities (with respect to Data Protection, Processing and Cyber Security) that support your organisation and make appropriate recommendations.

Scope of Compliance

We will review the scope of your compliance with the General Data Protection rules and regulations.

Personal Information Data Processes

We will discuss and quickly review the Personal Data Processes that are operating within the organisation.

PIMS – If Applicable

If applicable, we will review any Personal Information Management System that is operating within the organisation.

Information Security & Processes

We will review the Information Security processes that are operating within the organisation and make appropriate recommendations based on industry best practice.

Rights of Data Subjects & Processes

We will review the procedures and processes that have been established within the organisation to respond to Data Subjects exercising their rights under the GDPR and make appropriate recommendations based on best practice.

Restrictions & Conditions

  • The price quoted applies to single-entity organisations with up to 20 staff and with all key personnel (senior management, HR managers, compliance, IT, sales, marketing and procurement) based at a single site (unless agreed otherwise).
  • The fee excludes any necessary travel, accommodation and subsistence expenses. Expenses will be assessed and charged in arrears.

What to do now?

 

Contact us

Call +44 (0) 333 998 0041 or complete our GDPR enquiry form for help and support.

GDPR CONSULTANCY HELPING YOU ADOPT
A RISK BASED APPROACH TO GDPR COMPLIANCE

The GDPR is the European Union's new regulation that came into effect on May 25th 2018 and requires all businesses to protect the personal data and privacy of EU citizens. At the heart of compliance is assessing how you are processing personally identifiable information and the risks being incurred in doing so.

SOME OF OUR CLIENTS

Below are some of the companies for whom GDPR-Services are providing DPO and other GDPR services.