DQM GRC was formed in 1996 to help organisations harness the emerging power of data.

We could see that ‘Confidence in Data’ would be essential to the Information Age and so we began offering services to help data owners protect, manage and commercialise their data assets. Right from the beginning, we could see that data protection would be critical for data-driven innovation.

Acquired in 2019, we are a proud member of GRC International Group (LSE:GRC).

Our award-winning range of services and solutions can give any organisation confidence in their data, from SMEs to multinationals and from finance to publishers or utilities – we understand your specific requirements and can provide bespoke and hands-on support via our specialist group of experts.

Get in touch to find out how we can help your organisation



We work with some of the world’s largest organisations – and many smaller ones too. What our clients of all sizes have in common is an understanding that great data-driven decisions and disruptive data-led products and services require confidence. We help organisations build that confidence by helping them communicate, manage their risks and contracts, and embed data protection and privacy thinking in their approach to products and services.

We believe that data protection is not just an inherent part of innovation – it drives it. Organisations succeed when people trust them to use their data in creative ways. Organisational partnerships succeed when both sides trust that data sharing agreements are honoured.

So, if you believe that data is your organisation’s most valuable asset, that your sales depend on you getting data protection and privacy right, and that good data protection practices make great commercial sense – our purpose is to help your business excel.

DQM GRC’s journey since 1996

1996 – DQM GRC founded by Peter Galdies to protect the valuable data assets of commercial organisations
1996 – DQM GRC introduces the first commercial data tracking service
1996 – 36 million Internet users (0.9% of the world’s population)1
1998 – UK Data Protection Act 1998 implemented
2003 – DQM GRC acquires Data Quality Management Ltd to expand growing commercial audit services
2004 – ‘Web 2.0’ websites featuring user-generated content become commonplace
2004 – DQM GRC becomes UK’s largest auditor of commercial data use
2005 – More than 1 billion Internet users (15.7% of the world’s population)
2011 – DQM GRC creates DataIQ to promote best practice in the emerging data profession
2012 – DQM GRC creates the Secure Data Hub – an innovative service combining secure data distribution with embedded data tracking
2012 – EU announces intention to create the GDPR (General Data Protection Regulation)
2015 – DataIQ divested to allow DQM GRC to focus on data governance and compliance
2016 – GDPR RADAR™ gap analysis tool launched to help organisations prepare for GDPR Compliance
2018 – EU GDPR implemented across Europe
2018 – UK Data Protection Act 2018 implemented
2018 – DQM GRC creates award winning privacy-by-design programme
2018 – DQM GRC wins ‘Best GDPR Solution’ at DataIQ Awards
2019 – GRC International Group acquires DQM GRC
2020 – New product launches include Brexit Readiness Assessment, EU-US Data Transfers Assessment and Action Plan, and Cookie Assessment
2020 – DQM GRC delivers world’s first mixed-media remote learning privacy-by-design programme
2020 – DQM GRC with WarnerMedia wins the DataIQ Award for ‘Best Data Ethics and Privacy Initiative’ for our global privacy-by-design training programme
2020 – DQM GRC with WarnerMedia wins the DMA Award for ‘Best Privacy by Design’ for our global privacy-by-design training programme

1Internet statistics from Internet World Stats, https://www.globalpolicy.org/tables-and-charts-ql/27519-internet-users.html

Our Group offering

Privacy software

Provided by Vigilant Software.

Vigilant Software makes easy-to-use privacy compliance software to help your organisation keep track of its data and data risks.


Training and qualifications

Provided by IT Governance.

IT Governance offers a wide range of data privacy and cyber security training options, from staff awareness elearning packages to accredited qualifications.


Privacy as a Service

Provided by GRCI Law.

GRCI Law’s solicitors offer flexible, dependable outsourced DPOs (data protection officers), privacy managers, and EU and UK representatives.


Publications and toolkits

Provided by ITGP (IT Governance Publishing).

ITGP offers a huge selection of privacy, cyber security and business management reference books and toolkits.


Management systems

Provided by IT Governance.

IT Governance’s consultants can help you achieve ISO and BS standards for management systems including ISMSs (information security management systems), PIMSs (privacy information management systems) and other systems including business continuity.