General Data Protection Regulation (GDPR) aims to protect European citizen personal information. We have a 6-phase Methodology to help you achieve successful compliance.
What is GDPR?
GDPR is aimed at protecting personal information, as an extension of an individual fundamental 'right to privacy'.
Inability to comply with GDPR can result in serious implication that includes fines between Euro 10 Million to Euro 20 Million or 4% of the global annual sales. . Besides the penalty, just imagine the impact on your brand, image and reputation.
We have a structured phase wise approach to determine the scope of information in scope, and help you comply to the requirement.
Phase I – Information flow assessment
This phase involves identification of information sources, and is processing infrastructure that involves personnel, technology, physical infrastructure.
Phase II – Gap Analysis
This phase involves performing privacy impact assessment and security risk assessment to determine security and legal loopholes. Identified gaps are provided with detail recommendations.
Phase III – Control Design and documentation
This phase involves our methodology that involves distribution security responsibility to internal stakeholders, with controls policies and transactions that ensures that GDPR is well embedded in the organisation processes. This also includes nomination of a data protection officer and creating data protection office, for the organisation.
Phase IV – Tracking
This phase involves tracking the client risks, and documentation on a weekly basis till all internal controls are adequately implemented.
Phase V – Performance Tracking
This phase involves showcasing client with changes in a given period by providing change specific score of compliance between 0 -100% compliance.
Phase VI – Internal Audit
This phase involves verifying the governance system created for the organisation is well in place and ready to declare as GDPR compliant.