The EU GDPR takes effect on the 25th of May, 2018. Organizations handling EU resident data, whether established in the EU or outside it, are at various stages of compliance at present. Needless to say, a lot more needs to be done to be compliant.
We at have taken a deeper look at the entire spectrum of the new requirements and their exceptions across the entire data life cycle and are confident of delivering cost-effective and timely services, as showcased in the diagram below:
Our Commitment & Culture:
We are a team of certified and highly experienced data privacy professionals with assessment and implementation expertise in information and data privacy in several multinational organizations across the globe. We have the deep understanding and requisite skills to provide consulting and help build effective roadmaps in the governance, risk and compliance arena. In the context of GDPR, we provide the following services:
GDPR Assessment Services
We have assessors and auditors who are subject matter experts in conducting GDPR assessments.
The following are the services we offer:
- GDPR readiness assessment (as is)
- Tool-based impact assessments
- Implementation effectiveness assessment
- GDPR-compliant embedded SDLC road map
GDPR Certification Services
We support organisations in performing the following (broad items, not an exhaustive list):
- Assess organisational GDPR compliance requirements and scope definition
- Conduct Gap Analysis, Risk Analysis and Data Privacy Impact Assessments
- Impact assessment of EU cross-border data handling
- Privacy program development and action plan formulation
- Data flow mapping and classification
- Accountability, responsibility and liability definitions for Controllers, Processors and Data Protection Officers
- Incident response program development
- Assist in defining add-on nation-state compliance requirements
- Usage of appropriate standards such as NIST, ISO 27001, ISO 27018, ISO 27151, ISO 29100, ISO 29134, ISO 29151, BS 10012, OWASP SAMM etc.
- End-to-end implementation with development of necessary policies, procedures and organisation definitions
- Integrations with different frameworks and tools towards GDPR compliance