Indelible Data use a “management standard” approach to help guide clients through the implementation of the GDPR requirements.
QG Standards devised the “QG Data Protection Management Standard” to make it easier to implement than working through the 99 EU Regulation Articles and Working Party Guidance.
Our consultants are Certified GDPR Practitioners (certified by both IT Governance and QG Standards).
To understand a company’s requirements, we generally advise that a gap analysis is conducted against the management standard in order to produce a meaningful report to help plan and implement the project to meet the May 25th deadline.
The management standard can be viewed here
Becoming certified to QG’s Standard is not a requirement of GDPR, but it is a great way to prove to customers, partners and the Information Commissioner that you have taken GDPR seriously and have had the implementation verified by an independent third party.
As part of our initial analysis, we deliver a report highlighting what is in place, partially in place and not started – together with pointers on how to implement controls to fill the gaps.
We will also give some estimate of work involved and the likely costs for the entire project. This is a great footing to embark upon the compliance project.
We document the evidence that we find together with the resources required, the cost estimate and deadline. This document then becomes a project management tool to sign off tasks when they have been completed. We are able to highlight possible solutions, give ideas of how other companies have approached certain requirements and we can also ask assistance from our legal partners where required.
Indelible Data also provide template policies, Risk Assessment and Impact Assessment tools that can help kick start and maintain the momentum of your project. We can train your staff in the use of the tools and help tailor the policies and procedures as required.