GDPR Is Here – Now What?
GDPR Is Here – Now What?
Hero Description
GDPR consulting services help organisations identify common GDPR gaps and develop remediation plans
GDPR Is Here – Now What?
Body
NEW: GDPR FAQ Guide
We are pleased to share our GDPR FAQ Guide, created in partnership with Robert Half and the multinational law firm Baker McKenzie to help organisations understand, prepare and operate under the GDPR. This guide covers the GDPR basics and focuses on critical areas such as third-party risk, data-privacy rights, consent management and privacy notices.
Protiviti designs holistic and comprehensive approaches to GDPR compliance, supporting privacy and security by design, assessing readiness, and helping businesses better understand their data-privacy posture. In addition, our compliance solutions cover people, processes and technologies to help drive sustainable and effective privacy programmes.
We will work with you to build your organisation’s GDPR programme, including consultation on the following:
- Regulation interpretation – analysis and advise
- Gap remediation with leading practises – including design and implementation of third-party risk, data-privacy rights, data governance and privacy notices
- Compliance solutions – people, process and technology execution for an effective cybersecurity and privacy programme
- Compliance management – monitoring and maintaining controls going forward.
We support clients during all stages of their GDPR compliance efforts. Our organisation integrates global consulting talent from different practises and backgrounds to provide you with a custom team to address your GDPR needs, including functional expertise from our Global Security and Privacy practise and our Data and Analytics teams and legal and privacy support from Robert Half Legal.
How Protiviti Can Assist:
- Discovery and Planning: Inventory of GDPR Data Sources with Their Criticality Template
- GDPR Gap Analysis and Results
- Compliance Roadmap and Supporting Report
- Gap Remediation: Remediate and Implement Solutions
- Post-Regulation Date: Assessing Controls in Place or Maintaining Controls That Have Been Implemented
- Global Capabilities to Deliver GDPR Expertise for Clients
“Protiviti did a great job in helping us to address the privacy challenge with a very strong risk-based approach and had a very pragmatic blended team that provided us several valuable solutions and very effective change management communication materials to address all the organisational and technology impacts required by new privacy regulations.”
– Compliance Officer, top listed global manufacturing company
Key Partners
Insights
Podcast: 2019 Vendor Risk Management
Video: GDPR - What next for privacy programmes
The Cybersecurity Imperative: Managing Cyber Risks in a World of Rapid Digital Change
FAQ: Understanding the General Data Protection Regulation
Protiviti assists organisations in achieving clarity and compliance around privacy risk governance programmes, including GDPR. We help companies understand the impacts of regulatory requirements, assess and remediate processes and technologies and implement changes to achieve and maintain compliance. Our approach to GDPR compliance includes:
Discovery: Identify high-risk areas to ensure a focused approach
- Identify and inventory EU personal data including classification level, data controller, processor and exchanges
- Formal inventory of processing activities
Manage: Determine exposure and prioritise compliance activities
- Assess data collection, processing and storage, and protection measures
- Assignment of a Data Protection Officer transfers to third parties, risk assessment practises and security policies
Protect: Implement changes to achieve compliance
- Obtain executive management support and funding
- Establish compliance programme structure and governance
- Identify compliance strategies
- Implement remediation plans
Report: Provide evidence of accountability and compliance
- Maintain required documentation
- Testing and validation
- Implementation of monitoring tools and processes
- Manage data requests and breach notification
With GDPR Deadline Looming, the First Step Is Discovery
Protiviti's Technology Consulting Managing Director Jeff Sanchez and Security and Privacy Managing Director Michael Walter share their insights on how organisations with EU employees or customers will be able to demonstrate compliance as new EU GDPR is scheduled to take effect on May 25, 2018.
Coping Strategies to Get Ready for GDPR
Protiviti Managing Director Jeff Sanchez speaks about 'Coping strategies to get ready for GDPR' with Financial Excellence (presented by SAP) as part of the Special Edition series on Coffee Break with Game Changers.
Listen the entire conversation
Protiviti’s GDPR Podcast Series
Listen to our experts discuss GDPR, share how it impacts various types of organisations and functional areas, and identify common GDPR gaps and technical components.
