GDPR

From 25 May 2018, the EU General Data Protection Regulation (GDPR) came into effect. At ICOMEDGE , we have experience in providing organizations with the advice they require in order for them to meet all data handling regulations and laws. This could be for statutory reasons (DPA), to remain compliant (PCI), regulatory (FCA) as well as all Government requirements (HMG).

All organizations will have to be GDPR compliant from 25 th May 2018 and so, at ICOMEDGE , we can call on our experience to help organizations meet and understanding the regulation.

Management Summary

The findings will be delivered as a part of an overview which includes a graphical demonstration of the current security and protection position of the customer.

Gap Analysis Summary

In order to assist remediation, the customer will be provided with a representation of each control.

Red, Amber, Green Gap Analysis

A risk treatment plan can be developed from the spreadsheet.

GDPR Gap Analysis

A fully-qualified SFIA Level 4 GCPR consultant will be on-site to create a GDPR gap analysis report which includes:

An initial review of the existing review is carried out as part of the process and we also carry out interviews and collect evidence. We then consider the requirements of GDPR and carry out an assessment to deliver a gap analysis report. The risk treatment plan is then supported by the report.

Our GDPR Service

There are legal and financial responsibilities that come with GDPR, all of which have to be acknowledged at the board-level. We implement a thorough and comprehensive risk-register as well as an accountability framework to meet all fundamental requirements. We carry out a review that seeks out evidence of compliance to a standard that is recognized as well as evidence of the correct policies, data protection officer requirements, privacy impact assessments, incident response, and breach reporting.

GDPR Deliverable

We consider all existing controls, undertake interviews, and collect the relevant evidence prior to carrying out an assessment that considers the GDPR requirements. We then create a gap analysis report that feeds into the risk treatment plan.