1. Make the GDPR a priority, incorporating the SMT
Ensure there is organisational buy-in to support the necessary changes in process to become compliant.
2. Assimilate your data
- - What – data do you have.
- - Why – do you have it.
- - Where – is it stored.
- - Access – who can access it.
- - Process – for what reason.
3. Gap Analysis
- - Identify your key risks and gaps in compliance.
- - Assess against CREST Cyber Essentials criteria.
4. Implement Appropriate Controls
- - Based on Gap Analysis risk register.
5. Cyber Essentials
- Steps-taken to mitigate and compliance.
- - Crucial element, training employees to align with new business processes to ensure compliance.
- - Working through the above will result in GDPR compliance for current estate.
- - Review business strategy, introduction of new processes and measures may result in a breach of GDPR compliance.
9. Ongoing Management
- Utilise Optimising IT to become compliant and importantly maintain compliance upon business change and introduction of new processes.
Speak to our GDPR team today
Call us on 01242 505 470Contact Us