Areas of our competencies
GDPR audit is a service that consists in the assessment of the implementation of the GDPR provisions in the company and the operational functioning of the company in terms of the GDPR. A review is made, for example, of the completeness of documentation, the way in which auxiliary processes are documented and implemented, and the degree to which remedial measures are implemented.
As part of the service, a post-audit document is produced, indicating areas for improvement and recommendations. The report can be expanded to include recommendations for solutions to be implemented. As a separate service, we can undertake the implementation of recommendations.
We have successfully carried out many such projects.
The service for the assessment of the implementation of the GDPR provisions consists, in the first step, of the preparation of a register of activities, carrying out of the impact assessment, including the development of recommendations, and the provision of support to legal departments in the development of weighing tests. In the second step, the service consists in implementing recommendations and putting them to use, including in particular the automation of processes, such as the management of authorizations to process personal data, the management of data subjects’ requests or the periodic erasure of data in the IT sets. Many times GDPR implementation is a service following earlier GDPR audit.
Here, we use, among other things, our knowledge and experience in the field of implementations in large international entities or process modelling and automation.
Outsourcing of the GDPR processes
In the post-implementation phase, the GDPR requires ongoing management. We offer a service consisting in full or partial handling of processes, such as handling data subjects’ requests, managing data processing authorizations or managing data retention. We also offer outsourcing services of a Data Protection Officer. In providing these services we are supported by the iGDPR software.
Our experience is confirmed by numbers, including more than 45,000 processed requests of data subjects or more than 10,000 processed authorizations to process personal data.
Not sure how to go about it and need professional design support?