Get your GDPR back on track
Have you done the bare minimum to ensure GDPR compliance since its introduction in 2018? Would a data leak be catastrophic to your reputation? Do you struggle to complete Subject Access Requests (SARs) or supplier questionnaires?
Prioritising your actions
Taking stock of your GDPR shortcomings is the first step on the road to consistent compliance. Our GDPR consultants have the expertise to pinpoint areas of weakness and help you address them before matters can get out of hand.
Benefits of a GDPR Discovery Review
Understand your role and responsibilities
Identify areas of weakness
Prioritise remedial action
Target future training and communications more effectively
Improve your credibility
Build on areas of strength
Reassure stakeholders
Stage 1: understanding your responsibilities
Find out what you really need to know about the GDPR during this interactive training session which will be customised to the needs of your organisation. Topics covered will include:
- Why this legislation is important
- Information security vs data privacy – what’s the difference?
- Who’s who in GDPR?
- Who does what in GDPR?
- The relevance of GDPR to your business
- Opportunities and threats
- What next?
Stage 2: finding the gaps
We’ll conduct a series of interviews with staff to understand your organisation’s compliance against the legislation. We’ll review the following areas:
- Accountability & governance
- Data privacy policy
- Processes and procedures
- Third party management
- Information security
- Incident management
- Communication
- Education
Stage 3: putting things right
Your consultant will compile a jargon-free report showing your high-level compliance against the eight topics listed above. It will also include a prioritised action plan which will get you back on track.
Your report will enable you to answer critical questions, such as:
- Do our employees understand their role and know what to do?
- Are our suppliers putting us at risk?
- Are our processes and procedures robust?
- Is our data privacy policy fit for purpose?
- Is our board doing all it should be?
- Is our information security up to scratch?
FAQs
We’ll recommend a risk-based approach which will prioritise tackling the areas where there may be the least compliance with the regulations, and which could have the greatest impact in terms of fines or reputational damage.
As well as our recommendations, we’ll include anticipated timescales and suggest helpful resources.
We can train up to 30 people, either in person or remotely.
Yes, we have a range of popular GDPR training courses for senior leaders and employees. These can be customised to your particular needs.
Please contact us for more information.
If you don’t have your own compliance experts, our Compliance as a Service and Virtual DPO services will ensure you always have access to specialist GDPR advice.
If you do have your own compliance experts, we can provide a helpful second opinion and absence cover through our GDPR Critical Friend service.