
Create an Actionable Plan with a GDPR Compliance Assessment
The GDPR sets out seven key principles which should be at the core of personal data processing. By completing an assessment, you can identify GDPR-related gaps in your privacy programme, then create a plan to integrate data protection into your processing activities and business practices from the design stage, across the entire data processing lifecycle.
Through a series of interviews, documentation analyses, technical review and a site visit where necessary, we can provide a risk-based, prioritised plan of action leading to GDPR Compliance.
We follow a time-honoured approach of Assess, Define, Integrate:
Assess: Conduct a Gap Analysis against the best practice standard, ISO 27701, identifying Compliance gaps and areas for improvement
Define: Benchmark your processes, define maturity levels and plan for implementation of change
Integrate: Reduce Risk by implementing our recommendations, aligned to your organisation's strategy
ASSESS
Conduct a Gap Analysis against the best practice standard, ISO 27701, identifying Compliance gaps and areas for improvement.
Privacy Auditor commences with a series of interviews with key staff across multiple departments:
Legal & Compliance
Audit
Operations
Data Protection
Risk Management
Information Security

DEFINE
Benchmark your processes, define maturity levels and plan for implementation of change
Document your current Compliance status
Benchmark against industry best practice
Map to your organisation’s objectives
Develop an implementation Roadmap

INTEGRATE
Reduce Risk by implementing our recommendations, aligned to your organisation's strategy, across the following domains:
Data breach Management
Information Security
Data Privacy Impact Assessments
Notices & Lawful bases
Training & Awareness
Data Subject Rights provision
Third Party Management


Why Use Privacy Auditor?
Research has proven that the majority of organisations that require a DPO rely on their Legal & Compliance teams to advise and steer them towards GDPR Compliance. This has proven to be a misuse of valuable resources. A far better approach is to harness the knowledge of Legal & Compliance, and seek out the additional knowledge of the teams who “should be” responsible for providing that advice. Privacy Auditor uncovers who that is within your organisation and recommends their use in the management of Business Risk.

What does Privacy Auditor Produce?
Privacy Auditor produces a risk-based, prioritised and actionable report that will allow organisations to plan for, implement and monitor their GDPR Compliance position. Taking into account both the Material and Territorial aspects of GDPR, our report identifies common solutions to inter-departmental requirements, streamlining of business processes and the assurance of Compliance. Marketing teams, Product Development and Sales can then utilise these recommendations to ensure ongoing value provision.

Who is Privacy Auditor for?
Privacy Auditor is designed for any organisation, big or small, that wishes to better understand its GDPR Compliance position. Developed by industry experts, the process allows an organisation to develop its own Privacy Compliance Framework, supported by our DPO As a Service solution, as required.