DQM GRC consultants are experienced in working in all areas of data protection implementation and can apply best-practice knowledge to your business. Previous consultancy projects have included:
- Data retention business strategy, reviews and policy implementation;
- Data mapping of data collection activities and set-up of Article 30 records;
- DPIA (data protection impact assessment) process creation and completion of assessments;
- Implementation of our group (GRC International Group) software;
- Third-party due diligence reviews;
- Policy and documentation reviews;
- Review or creation of breach policies and processes; and
- Implementation of new policies and procedures with practical assistance and training workshops.
Our team will work with you to understand your specific requirements and design a project to meet them. This process can be broken down into four steps:
Understand your requirements
The process typically begins with an initial call where we discuss your requirements and consider the work that may be involved.
The initial call is usually followed by a more detailed scoping process to define the work required, timescales and the success criteria.
We will present you with a detailed proposal setting out our planned project methodology, costs and timings for you to review and refine.
Agree a start date
Once you have approved the proposal, we will agree a start date and allocate your consultant or consultancy team.
We aim to maintain consistency of delivery throughout the project and, barring exceptional circumstances, you can expect that the team you work with will be the team identified in the proposal.