ASSESS

1. GDPR GAP ANALYSIS

Organizations can benefit from our experience and know-how to guide them through the complicated process of achieving GDPR regulatory compliance. The Gap Analysis service is designed as an entry point for companies looking to make concrete headway on their GDPR projects in a short time frame and on a reasonable budget. The service could cover all or part of the following:

  • Assessment of business specifics.
  • Current level of compliance assessment.
  • Evaluation of results and next steps recommendation.

ACTION

We will lead and advise you during the complicated process of the initial GDPR compliance assessment, which covers the following:

BUSINESS SPECIFICS EVALUATION

  • Types of activities currently implemented related to the processing of personal data.
  • Area of operations - existing units and territory of operation, administration and control.
  • International exchange of personal data inside and outside the EU.

COMPLIANCE LEVEL EVALUATION

  • Normative - internal documents and practices on data protection and notification of the owner.
  • Organizational - rights and responsibilities for personal data protection, reporting and notification.
  • Technological - availability of technological means of data protection (IT, communication and others).
  • Management - the availability of control mechanisms to guarantee data protection.
  • Operational - business processes on data processing, internal controls.

EVALUATION OF RESULTS AND RECOMMENDATIONS


EXPECTED RESULTS

  • Specific weaknesses and omissions in meeting GDPR requirements.
  • Ready recommendations for the required changes.


2. RISK & COST/BENEFIT ANALYSIS

The next step organizations have to take is to perform an in-depth risk evaluation with respect to the GDPR requirements. The Risk & Cost/Benefit Analysis service is designed to help customers find, evaluate, and compare a diverse set of measures to achieve compliance. Our experts in legal, business, and IT will help you assess completely different solution scenarios. Your organization will benefit significantly from a lower overall GDPR compliance cost by making informed decisions and selecting the solutions with the best fit. The service could cover all or part of the following:

  • Risk evaluation.
  • Available Measures & Cost vs Benefit Evaluation.

ACTION

We will lead and advise you during the risk assessment and the detailed evaluation of the compliance measures required by GDPR, which covers the following:

RISK ANALYSIS

  • Assessment of the risk posed by currently implemented procedures related to the processing of personal data.
  • Classification and prioritization of the gaps identified in the GDPR Gap Analysis.

SOLUTION APPROACH

Create a list of measures and solutions that will address the identified gaps and the risks they pose. The solutions vary by approach and may be:

  • Legal & Normative - internal documents and practices on data protection and notification of the owner.
  • Organizational - rights and responsibilities for personal data protection, reporting and notification.
  • Technological - availability of technological means of data protection (IT, communication and others).
  • Management - the availability of control mechanisms to guarantee data protection.
  • Operational - business processes on data processing, internal controls.

COST EVALUATION LIST

Prepare a cost evaluation list for the listed measures.

COST VS BENEFIT EVALUATION

Cost vs Benefit Evaluation of results and solution selection/recommendations.


EXPECTED RESULTS

  • Significantly improved overall cost estimation of the GDPR compliance process.
  • Ready recommendations for the required changes.
  • Detailed scope and time frame requirements.