This web site uses cookies. You are free to manage your cookie settings in your web browser at any time. For more about how we use cookies, please read our data privacy policy.

Data protection assessment / audit

GDPR readiness assessment. Are you ready to implement?

GDPR readiness assessment and audit
Are you fully prepared for GDPR?

To be ready for the GDPR, some of the main impacts on your organisation are: fulfilling the GDPR's documentation requirements, acting transparently, ensuring that consent is gathered when necessary and processed lawfully, ensuring that staff members understand how to handle and redact personal data, aligning contracts, agreements, memoranda of understanding, etc. to GDPR requirements, ensuring that the correct lawful framework and security measures are in place when transferring data, keeping track of where personal data is sent, authenticating individuals making sure that personal data is relatively easy to find, change and delete in order to satisfy a request, enabling the suspension or withdrawal of processing by an individual, a general cultural change to question why personal data is needed and to treat it with respect.

Our experience is that GDPR implementation has been random and mainly master-minded by alleged experts who have been on a short course.
We have rescued a few wayward projects and steered them to a successful conclusion.


GDPR readiness assessment. Are you ready to implement?

What we will do

A GDPR readiness assessment.

We will assign expert resources to assess and report on the areas shown below.

The assessment is performed against our GDPR framework benchmark model.

What we will deliver

The output of the assessment comprises:

  • Your current state of personal data protection
  • Gap report of your current state against our GDPR framework benchmark model
  • Road-map to GDPR compliance
  • Board papers for estimated cost and effort
  • Compliance action plan
  • Project brief

What we will assess and audit

GDPR readiness assessment. Are you ready to implement?

External defences

  • Data categories received, transferred and stored
  • Data content risk rating
  • Contracts with any third party
  • Controller and Processor clarity
  • Lawfulness of data transfers
  • Data transfer register
  • Allowed derogations
  • Data Privacy notifications
GDPR readiness assessment. Are you ready to implement?

Governance structure

  • Personal data governance
  • Data protection policy
  • Data protection officer resource
  • Implementation strategy and plan
  • Polices, processes and procedures
  • Security and access
  • Training and awareness
  • Lawfulness of data use and processing
GDPR readiness assessment. Are you ready to implement?

Support processes

  • Advice, Oversight, Regulatory relationship
  • Honour personal data rights
  • Enquiries, Requests and Complaints
  • Subject Access Requests
  • Training and Awareness
  • Records management
  • Retention and Deletion
  • Data Sharing and Transfers
  • Third Party Personal Data Compliance
  • Data Risk Assessment embedding (DPIA)
  • Security and Access
  • Data breach detection and notification