Assessment and Audit

Readiness assessment and audit

Are you fully prepared for data protection and the GDPR? Our readiness assessment reports on your current state against a benchmark GDPR model.

Assessment and Audit outputs

  • A report of your current state of personal data protection
  • Gap report of your current state against our unified privacy framework
  • Road-map to compliance
  • Board papers for estimated cost and effort
  • Compliance action plan
  • Project brief

To get ready for data protection, especially the GDPR, some of the significant impacts on your organisation are: fulfilling documentation requirements, acting transparently, ensuring that consent is gathered when necessary and processed lawfully, ensuring that staff members understand how to handle and redact personal data, aligning contracts, agreements, memoranda of understanding, etc., ensuring that the correct lawful framework and security measures are in place when transferring data, keeping track of where personal data is sent, authenticating individuals making sure that personal data is relatively easy to find, change and delete to satisfy a request, enabling the suspension or withdrawal of processing by an individual, a general cultural change to question why personal data is needed and to treat it with respect.

Our experience is that data protection implementation has been random and mainly master-minded by alleged experts who attended a short course.
We have rescued wayward projects and steered them to a successful conclusion.

data protectiion assessment and audit

WHAT WE WILL DO

A GDPR readiness assessment.

We will assign expert resources to assess and report on the areas shown below.

The assessment is performed against our GDPR framework benchmark model.

WHAT WE WILL DELIVER

The output of the assessment comprises:

  • A report of your current state of personal data protection
  • Gap report of your current state against our unified privacy framework 
  • Road-map to compliance
  • Board papers for estimated cost and effort
  • Compliance action plan
  • Project brief

WHAT WE WILL ASSESS AND AUDIT

data protection assessment and audit external defences

EXTERNAL DEFENCES

  • Data categories received, transferred and stored
  • Data content risk rating
  • Contracts with any third party
  • Controller and Processor clarity
  • Lawfulness of data transfers
  • Data transfer register
  • Allowed derogations
  • Data Privacy notifications
data protection assessment and audit governance structure

GOVERNANCE STRUCTURE

  • Personal data governance
  • Data protection policy
  • Data protection officer resource
  • Implementation strategy and plan
  • Polices, processes and procedures
  • Security and access
  • Training and awareness
  • Lawfulness of data use and processing
data protection assessment and audit support processes

SUPPORT PROCESSES

  • Advice, Oversight, Regulatory relationship
  • Honour personal data rights
  • Enquiries, Requests and Complaints
  • Subject Access Requests
  • Training and Awareness
  • Records management
  • Retention and Deletion
  • Data Sharing and Transfers
  • Third-Party Personal Data Compliance
  • Data Risk Assessment embedding (DPIA)
  • Security and Access
  • Data breach detection and notification

SOLUTIONS MENU

data protectiion assessment and audit

Audit & Assessment

data protection framework delivery

Framework delivery

data protection maintenance and remediation

Maintain & Remediate

data protection training

Training

data protection officer

Data Protection Officer

data protection EU representative

EU Representative

data protection controls

Data Protection Controls

Head Office

Calle de la Caléndula 93, Miniparc III, Edificio E, 28109, Alcobendas, Madrid, Spain

Call us

+34 915 553 975