The GDPR assessment concentrates on evaluating your organization’s defensive stance in safeguarding personal data, critical assets, infrastructure, and applications through specific controls. It also gives importance to operational best practices for every control area, along with assessing the effectiveness and maturity of your internal policies and procedures.
Methodology
The assessment will be tailored to align customer’s organizational goals, industry, and maturity level to various control sets and frameworks. Our methodlogy accounts for the following activities :
- Conduct a GDPR maturity assessment
- Carry out Privacy Impact Assessments (PIA) on high risk data flows
- Develop an implementation roadmap
- Supply customers with resources and recommendations to execute the plan
Assessment Outcome
As part of this exercise we will perform a GDPR maturity assessment. We will perform two PIA’s on upto 2 high risk applications. The goal of this activity is assessing the applications and identifying risks and gaps in relation to the processing of personal data. Based on the outcome of the assessments, an action plan and roadmap will be drafted and presented. Our team will also provide tools, templates, best practices, and guidance for implementation. Below is the list of deliverables as part of the assessment.
- An executive GDPR readiness summary
- A GDPR compliance roadmap for your organization
- Key tactical and strategic recommendations
- Observations by the consultant(s)
- Identified gaps and focus areas
- A detailed GDPR readiness report