Assessment and Audit
Readiness assessment and audit
Are you fully prepared for data protection and the GDPR? Our readiness assessment reports on your current state against a benchmark GDPR model.
Assessment and Audit outputs
- A report of your current state of personal data protection
- Gap report of your current state against our unified privacy framework
- Road-map to compliance
- Board papers for estimated cost and effort
- Compliance action plan
- Project brief
To get ready for data protection, especially the GDPR, some of the significant impacts on your organisation are: fulfilling documentation requirements, acting transparently, ensuring that consent is gathered when necessary and processed lawfully, ensuring that staff members understand how to handle and redact personal data, aligning contracts, agreements, memoranda of understanding, etc., ensuring that the correct lawful framework and security measures are in place when transferring data, keeping track of where personal data is sent, authenticating individuals making sure that personal data is relatively easy to find, change and delete to satisfy a request, enabling the suspension or withdrawal of processing by an individual, a general cultural change to question why personal data is needed and to treat it with respect.
Our experience is that data protection implementation has been random and mainly master-minded by alleged experts who attended a short course.
We have rescued wayward projects and steered them to a successful conclusion.

WHAT WE WILL DO
A GDPR readiness assessment.
We will assign expert resources to assess and report on the areas shown below.
The assessment is performed against our GDPR framework benchmark model.
WHAT WE WILL DELIVER
The output of the assessment comprises:
- A report of your current state of personal data protection
- Gap report of your current state against our unified privacy framework
- Road-map to compliance
- Board papers for estimated cost and effort
- Compliance action plan
- Project brief
WHAT WE WILL ASSESS AND AUDIT

EXTERNAL DEFENCES
- Data categories received, transferred and stored
- Data content risk rating
- Contracts with any third party
- Controller and Processor clarity
- Lawfulness of data transfers
- Data transfer register
- Allowed derogations
- Data Privacy notifications

GOVERNANCE STRUCTURE
- Personal data governance
- Data protection policy
- Data protection officer resource
- Implementation strategy and plan
- Polices, processes and procedures
- Security and access
- Training and awareness
- Lawfulness of data use and processing

SUPPORT PROCESSES
- Advice, Oversight, Regulatory relationship
- Honour personal data rights
- Enquiries, Requests and Complaints
- Subject Access Requests
- Training and Awareness
- Records management
- Retention and Deletion
- Data Sharing and Transfers
- Third-Party Personal Data Compliance
- Data Risk Assessment embedding (DPIA)
- Security and Access
- Data breach detection and notification
SOLUTIONS MENU

Data Protection Controls
Head Office
Calle de la Caléndula 93, Miniparc III, Edificio E, 28109, Alcobendas, Madrid, Spain
Call us
+34 915 553 975





