GDPR COMPLIANCE AUDIT
GDPR ACTION PLAN
Privacy Praxis has developed a methodology based on the ISO2700X to understand the main elements for presenting a picture of the current situation and a status of the places of compliance with the GDPR, in a short period of time and without disruption to the company's business and organizations.
The impact assessment covers the following aspects:
- IT security governance / data protection
- IT risk assessment
- Determination of processings requiring a data protection impact assessment based on the records of proccesing activities
- Data Protection Officer (Data Protection Officer)
- Data register
- Awareness campaigns
- Consent process
- Data protection of the individuals concerned (internal or external)
- Data protection mapping
- Individuals' rights in data protection
- Processing of personal data by third parties
- Information Security Management System
- Privacy by design and by default
The GDPR status of your business supported by our recommendations
and action plan
We offer a package based on the complexity and size of the company, for more information please fill out our form
A GDPR action plan: How and why?
Assessing the GDPR status of your business is the first step in ensuring compliance.Based on this, Privacy Praxis proposes a customized action plan which reflects your specific needs and allows your business reach its objectives quicker.
Why audit your company's GDPR situation?
Since the entry into force on 25 may 2018 of the General
Data Protection Regulation (GDPR) , corporate accountability has been strengthened. Businesses must now ensure optimal data protection and be able to document and prove their compliance with the GDPR regulation. In this context, it is essential to be able to assess an organization's level of compliance in order to effectively implement the necessary measures. Privacy Praxis proposes and executes comprehensive GDPR audits that allow you to have an overview of your starting GDPR compliance level and take effective improvement measures.
In order to offer you a quality action plan, Privacy Praxis is based on the
recommendations of the CNIL and organizes it around 6 key points:
- The identification of personal data processing and their registration in a register of processing activities
- Identification of the priority actions to be compliant with the GDPR
- Identification and risk management
- The designation of a person who will lead the governance of the personal data of your organization
- The implementation of processes ensuring effective personal data protection
- The necessary documents to prove your compliance with the regulation