Fast Track Your GDPR Compliance Efforts

Quickly address regulatory requirements, even after the deadline.

RETIRED CONTENT

Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.

By choosing to ignore the potential impacts for GDPR, your organization risks:

  • Its reputation.
  • Significant fines.
  • Possible legal action against your organization.

Taking the time to understand GDPR from a perspective of how it will impact processes around data globally and how it impacts your organization will help prepare your organization to:

  • Be better equipped to face the likely possibility that there will be international data protection standards coming out of other countries.
  • Perform its long overdue due diligence around data maintenance, classification, and protection.

Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Module 1: Understand Your Compliance Requirements

The Purpose

  • Kick-off the workshop; understand and define GDPR as it exists in your organizational context.

Key Benefits Achieved

  • Prioritize your business units based on GDPR risk.
  • Assign roles and responsibilities.

Activities: Outputs:
1.1 Kick-off and introductions.
1.2 High-level overview of weekly activities and outcomes.
1.3 Identify and define GDPR initiative within your organization’s context.
1.4 Determine what actions have been done to prepare; how have regulations been handled in the past?
1.5 Identify key business units for GDPR committee.
1.6 Document business units and functions that are within scope.
1.7 Prioritize business units based on GDPR.
  • Prioritized business units based on GDPR risk
1.8 Formalize stakeholder support.
  • GDPR Compliance RACI Chart

Module 2: Define Your GDPR Scope

The Purpose

Know the rationale behind a record of processing.

Key Benefits Achieved

Determine who will own the record of processing.

Activities: Outputs:
2.1 Understand the necessity for a record of processing.
2.2 Determine for each prioritized business unit: are you a controller or processor?
2.3 Develop a record of processing for most-critical business units.
  • Initial record of processing: 1-2 activities
2.4 Perform legitimate interest assessments.
  • Initial legitimate interest assessment: 1-2 activities
2.5 Document an iterative process for creating a record of processing.
  • Determination of who will own the record of processing

Module 3: Satisfy Documentation Requirements and Align With Your Data Breach Requirements and Security Program

The Purpose

Review existing security controls and highlight potential requirements.

Key Benefits Achieved

Ensure the initiatives you’ll be working on align with existing controls and future goals.

Activities: Outputs:
3.1 Determine the appetite to align the GDPR project to data classification and data discovery.
3.2 Discuss the benefits of data discovery and classification.
3.3 Review existing incident response plans and highlight gaps.
  • Highlighted gaps in current incident response and security program controls
3.4 Review existing security controls and highlight potential requirements.
3.5 Review all initiatives highlighted during days 1-3.
  • Documented all future initiatives

Module 4: Prioritize GDPR Initiatives

The Purpose

Review project plan and initiatives and prioritize.

Key Benefits Achieved

Finalize outputs of the workshop, with a strong understanding of next steps.

Activities: Outputs:
4.1 Analyze the necessity for a data protection officer and document decision.
4.2 Review project plan and initiatives.
4.3 Prioritize all current initiatives based on regulatory compliance, cost, and ease to implement.
  • GDPR framework and prioritized initiatives
4.4 Develop a data protection policy.
  • Data Protection Policy
4.5 Finalize key deliverables created during the workshop.
  • List of key tools
4.6 Present the GDPR project to key stakeholders.
  • Communication plans
4.7 Workshop executive presentation and debrief.
  • Workshop summary documentation
Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019