Fast Track Your GDPR Compliance Efforts
Quickly address regulatory requirements, even after the deadline.
RETIRED CONTENT
Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.By choosing to ignore the potential impacts for GDPR, your organization risks:
- Its reputation.
- Significant fines.
- Possible legal action against your organization.
Taking the time to understand GDPR from a perspective of how it will impact processes around data globally and how it impacts your organization will help prepare your organization to:
- Be better equipped to face the likely possibility that there will be international data protection standards coming out of other countries.
- Perform its long overdue due diligence around data maintenance, classification, and protection.
Book Your Workshop
Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.
Module 1: Understand Your Compliance Requirements
The Purpose
- Kick-off the workshop; understand and define GDPR as it exists in your organizational context.
Key Benefits Achieved
- Prioritize your business units based on GDPR risk.
- Assign roles and responsibilities.
Activities: | Outputs: | |
---|---|---|
1.1 | Kick-off and introductions. |
|
1.2 | High-level overview of weekly activities and outcomes. |
|
1.3 | Identify and define GDPR initiative within your organization’s context. |
|
1.4 | Determine what actions have been done to prepare; how have regulations been handled in the past? |
|
1.5 | Identify key business units for GDPR committee. |
|
1.6 | Document business units and functions that are within scope. |
|
1.7 | Prioritize business units based on GDPR. |
|
1.8 | Formalize stakeholder support. |
|
Module 2: Define Your GDPR Scope
The Purpose
Know the rationale behind a record of processing.
Key Benefits Achieved
Determine who will own the record of processing.
Activities: | Outputs: | |
---|---|---|
2.1 | Understand the necessity for a record of processing. |
|
2.2 | Determine for each prioritized business unit: are you a controller or processor? |
|
2.3 | Develop a record of processing for most-critical business units. |
|
2.4 | Perform legitimate interest assessments. |
|
2.5 | Document an iterative process for creating a record of processing. |
|
Module 3: Satisfy Documentation Requirements and Align With Your Data Breach Requirements and Security Program
The Purpose
Review existing security controls and highlight potential requirements.
Key Benefits Achieved
Ensure the initiatives you’ll be working on align with existing controls and future goals.
Activities: | Outputs: | |
---|---|---|
3.1 | Determine the appetite to align the GDPR project to data classification and data discovery. |
|
3.2 | Discuss the benefits of data discovery and classification. |
|
3.3 | Review existing incident response plans and highlight gaps. |
|
3.4 | Review existing security controls and highlight potential requirements. |
|
3.5 | Review all initiatives highlighted during days 1-3. |
|
Module 4: Prioritize GDPR Initiatives
The Purpose
Review project plan and initiatives and prioritize.
Key Benefits Achieved
Finalize outputs of the workshop, with a strong understanding of next steps.
Activities: | Outputs: | |
---|---|---|
4.1 | Analyze the necessity for a data protection officer and document decision. |
|
4.2 | Review project plan and initiatives. |
|
4.3 | Prioritize all current initiatives based on regulatory compliance, cost, and ease to implement. |
|
4.4 | Develop a data protection policy. |
|
4.5 | Finalize key deliverables created during the workshop. |
|
4.6 | Present the GDPR project to key stakeholders. |
|
4.7 | Workshop executive presentation and debrief. |
|