Data Protection Assessments

The GDPR Accountability Principle mandates organisations must be able to clearly demonstrate compliance with the law. Simply being compliant is not enough.

You must be able to identify, and be answerable to, the measures that have been put in place to minimise risk - even when data has moved out of your organisation and the processing is being carried out by a third-party.

This goes beyond having the appropriate assurances and contract terms in place.

At DQM GRC, we can assess both the compliance of your organisation or its third-party suppliers and data processors. We can also conduct due diligence assessments on the organisations you’re considering acquiring or merging with in the future.

This can help ensure your business has taken evident steps to demonstrate compliance and reduce risk.

Our range of assessments include:

Our unique GDPR RADAR™ assessment is based on the ICO’s audit framework and can provide your organisation with a detailed report on its data protection maturity whilst identifying any high-risk areas. The process includes:

  • A review of key documentation such as records of processing, policies and logs
  • Interviews with key staff members to assess awareness of, and compliance with, documented policies and procedures

Click here to find out more

We will work with you to establish a prioritised list of vendors and create an assessment roadmap. A typical plan involves inspectional visits to critical and high-risk vendors, and an evaluation of questionnaire responses for non-critical vendors.

Click here to find out more.

We will work alongside your organisation and its professional advisers to assess the data protection risk-level inherent in a merger or acquisition. This assessment will typically include:

  • Our GDPR RADAR™
  • A Data Quality Assessment: identifies any issues with the data quality that could affect your organisation’s ability to use it
  • A Data Integration Assessment: identifies any risks that may affect your organisation’s ability to integrate the target’s data with your own

Our proprietary assessment builds on the work done by the Capability Maturity Model Industry, and can provide your organisation with an assessment of its data maturity in respect of:

  • Data Strategy
  • Data Governance
  • Data Quality
  • Data Operations
  • Supporting Processes
  • Your organisation’s regulatory environment, and supplementary organisational requirements
  • Management of personal data

Click here to find out more.

We can create an assessment plan tailored to your organisation’s exact requirements. This can include incorporating criteria which is specific to your organisation’s regulatory and contractual environment, or targeting certain data protection risk areas in more detail.

Our approach to assessments

We believe that assessments should be clear, fair and actionable. As external and neutral auditors, we give participants the ability to be open and honest with our team of experts – producing the most effective insights for your organisation.

Our concise reports are designed to swiftly highlight priority areas and produce an overview of your organisation’s data protection maturity status. Where relevant, we can help create an immediate action plan to address any issues we identify.

Discuss your needs today

To find out more about how we can help your organisation, call us now on 01494 442900 or complete our enquiry form:

Stay informed

Enter your e-mail and get the latest data news & advice straight to your inbox.

Find out more?

Leave your contact details below and one of our expert team will be in touch

We will only use the contact details you supply on the basis of our legitimate interest to respond to your query and contact you about DQM GRC. You will always be given the opportunity to opt-out from future communications. Please read our privacy policy for more details.

 

Find out more..

If you are interested in any of our services then please either use the contact form or contact us via of the methods below:

  •   Telephone
  •   E-mail

  •   +44 (0)1494 442900
  •   sales@dqmgrc.com