Assure your data processing

How do you validate the progress you have made – and decide where to focus your attention next?

Principles-based regulations like the General Data Protection Regulation (GDPR) make organisations accountable for ensuring they implement appropriate controls to protect the data they process. But in a world where threats are constantly changing, staying confident that your organisation’s controls are appropriate can be challenging.

We carry out robust, maturity-based assurance assessments that consider the context of your organisation to help you make the right decisions.

Assure your data processing

Support services for privacy assurance

Expand each section to learn more.

GDPR Gap Analysis

GDPR Gap Analysis

Our GDPR Gap Analysis is a robust assessment of your assurance levels using our proprietary GDPR Radar™ tool.

Given its unique data protection context, this tool assesses whether your assurance levels are appropriate for your organisation.

Learn more

Cookie Assessment

Cookie Optimisation Assessment

Our Cookie Optimisation Assessment is designed to help your organisation build and implement a cookie strategy that works for you.

We consider both the GDPR (General Data Protection Regulation) requirements and your digital marketing objectives to help you use cookies with confidence.

Learn more

Technical and Organisational Measures Audit

Technical and Organisational measures audit

When organisations share data, data controllers are responsible for ensuring that everyone complies with the right policies, and data processors.

Given its unique data protection context, this tool assesses whether your assurance levels are appropriate for your organisation.

Learn more

Interim and secondment support

Interim and secondment support

How do you cover resource and skills gaps in your privacy team?

Gaps in your privacy team can happen for various reasons, from leaves of absence to short term requirements for individuals with specific skills and experience.

DQM GRC can provide experienced interim and seconded consultants to cover short and medium-term requirements from as little as one week’s notice.

Our consultants hit the ground running to provide day-to-day business-as-usual support, or take on specific projects such as privacy software implementation, data mapping and help you write complex data protection impact assessments.

Support services for privacy assurance

Expand each section to learn more.

Interim and seconded consultants

Consultancy support

Could your privacy team use another pair of experienced hands?

Our qualified and experienced consultants will work directly with you to provide hands-on support when you need it most. We can cover leaves of absence, provide additional support for busy periods and introduce specialised expertise for major projects.

Learn more

Control your data processing

How do you ensure that the organisations you work with keep you safe?

When organisations share data, data controllers are responsible for ensuring that everyone complies with the right policies, and data processors are responsible for ensuring they are not asked to do anything unlawful.

In practice, organisations may lack the experience and time to do this well. We can provide you with the evidence you need to be confident when things are working – and fix them if they are not.

 

Control your data processing

Our support for third party management

Expand each section to learn more.

Third-party assurance

Support for third party management

Can you assure your leadership team that your third parties comply with their obligations?

The GDPR requires organisations to have processes in place to monitor their third parties’ compliance with their legal and contractual obligations. Our specialist second party auditors can work directly with you to provide hands-on support when you need it most.

Learn more

BreachTrak

BreachTrak

BreachTrak monitors simple data sets to protect them against loss and theft. It is particularly beneficial for organisations who want to protect their valuable data assets – and the people the data relates to - against unauthorised intrusion.

BreachTrak includes enough data seeds to monitor one database and gives you an early warning if your data is used in ways you don’t expect or is offered for sale by cybercriminals.

Visit the BreachTrak website

Bespoke data seeding solutions

Bespoke Data Seeding Solutions

The GDPR requires you to put appropriate technical and organisational measures in place to safeguard the data you process.

Data seeding complements the measures your organisation takes to reduce the risk of data loss by enabling you to track your data sets and giving you early warning if they are misused or made available for sale by cybercriminals.

Learn more

Build your privacy command centre

Build your privacy command centre

Are you getting the most out of your privacy compliance software?

Privacy compliance software can be invaluable in helping organisations to organise and control their risks, but only if it is implemented correctly.

The initial implementation project can be significantly more complex than anticipated. It will highlight issues ranging from inconsistent use of terminology to information gaps such as missing or out of date process maps and data protection impact assessments.

Our highly experienced implementation consultants can help you run a procurement process, plan your project, carry out the implementation and ensure you remain updated with best practices and current requirements.

Support services for privacy assurance

Expand each section to learn more.

Third-party assurance

Supplier Assurance

Can you assure your leadership team that your third parties comply with their obligations?

The GDPR requires organisations to have processes in place to monitor their third parties’ compliance with their legal and contractual obligations. Our specialist second party auditors can work directly with you to provide hands-on support when you need it most.

Learn more

BreachTrak

BreachTrak

BreachTrak monitors simple data sets to protect them against loss and theft. It is particularly beneficial for organisations who want to protect their valuable data assets – and the people the data relates to - against unauthorised intrusion.

BreachTrak includes enough data seeds to monitor one database and gives you an early warning if your data is used in ways you don’t expect or is offered for sale by cybercriminals.

Visit the BreachTrak website

Train your teams and test your processes

How do you ensure that your staff training improves your staff’s performance?

Your staff are your best defence against data breaches and incidents.

So how do you ensure that they understand how they affect data protection in their roles? While general staff awareness is valuable in any organisation, specialist roles managing specific types of risks may need more.

We can design bespoke training and testing programmes so you can be sure that your training programme effectively addresses your risks.

 

Train your teams and test your processes

Our support for training and testing

Expand each section to learn more.

Privacy by Design training

Bespoke training

We can train your project and development teams to incorporate privacy by design requirements into projects in a way that complies with the law and improves the projects.

We have developed bespoke in-house Privacy by Design courses for delivery face-to-face in clients’ offices worldwide, for live online presentation, and as an interactive multi-media experience combining interactive e-learning modules with live online instructor-facilitated group work.

Learn more

Process assurance

Process Assurance

The GDPR makes organisations accountable for ensuring that their controls are effective and that their processes work as intended to protect personal data.

DQM GRC’s process assurance services allow organisations to track end to end user journeys designed to test that controls work as intended. Our data seeding team will work with you to develop a process assurance programme tailored to your needs and requirements.

Learn more

Bespoke training and testing

Bespoke training and testing

When organisations share data, data controllers are responsible for ensuring that everyone complies with the right policies, and data processors.

Given its unique data protection context, this tool assesses whether your assurance levels are appropriate for your organisation.

Learn more