
GDPR Compliance - Infinigate · 2017. 11. 22.


Infinigate UK’s Data Protection Compliance Assessment helps your organisation take a practical and pragmatic approach to the new General Data Protection Regulation, ahead of the application of the GDPR into UK law in May 2018.

WHY IT MATTERS?

GDPR is a European law for the regulation of the protection of personal data - that’s the personal data of your customers, prospects and workers.

It will apply in the UK on 25th May 2018, and despite Brexit, the government is committed to implementing GDPR - so it will still apply.

It is designed to make data protection relevant for today’s technological world, empower the individual with fundamental rights and make organisations accountable for protecting personal data.

It applies to any organisation (data controllers) that has a direct relationship with people in the EU, or organisations (data processors) that process data on behalf of another data controller.

current Data Protection Act including;

• organisations break the law – as much as 4% of global turnover in very extreme circumstances

• The mandatory reporting of some data breaches to the regulator

• individual (the data subject)

GDPR Compliance Assessment

Data protection laws are changing. Let us help you navigate the business risk.


THE COMMON QUESTIONS

What is the risk to our business?

Does the regulation apply to our organisation?

What happens to our business if we don’t comply with the regulation?

What data do we process and does it contain any sensitive, or special category, data that might exacerbate the impact of a data breach or breach of the law?

How much of this data do we have?

Where is this data within our organisation?

How much security do we really need to protect the data we have?

INFINIGATE UK COMPLIANCE ASSESSMENT – WHAT WE DO

Infinigate UK’s compliance assessment is designed to enable your organisation to address the most critical data protection risks and

Our assessments:

Understand the inherent risk in your business

Rank the level of risk associated with the data you process to help you prioritise your compliance and security activity

Benchmark your organisation against the GDPR principles to identify areas of non-compliance for remediation

Identify if the organisation processes special category data to indicate the severity of regulatory or civil action

Take a pragmatic, evidence-based approach to GDPR so you don’t spend more than you should


INFINIGATE UK’S COMPLIANCE ASSESSMENT – HOW IT WORKS

Infinigate UK’s GDPR assessments are delivered using web-conference technology to complete the assessments as quickly and

Delivered by a GDPR consultant, each assessment provides access to a wealth of knowledge and expertise to navigate the GDPR process.

The engagement comprises the following key phases:

1. Project planning: Infinigate UK’s GDPR team start the compliance assessment through an initial conference call with the organisation to explain the assessment process and answer any immediate questions the organisation may have.

Once complete, Infinigate UK will deliver the assessment questionnaires for the organisation to respond to.

2. Data analysis: Once the required information has been supplied, Infinigate UK will analyse the information and conduct a second web-conference call to review the information submitted and to validate and challenge responses, in order to build a complete, high-level view of the organisation and its data protection related risks.

This phase of the review will focus on establishing an understanding of the organisational structure, the data assets being processed, the presence of any special category data, the organisation’s ability to meet data subject rights and the requirement of technical security controls.

3. Findings reporting: Upon completion of the data analysis phase, Infinigate UK will provide a GDPR compliance assessment report, detailing:

• The risk the incoming GDPR law presents to the organisation, presented via a number of easy-to-understand risk heat maps

• The sensitivity of the data which the organisation processes, through a high-level privacy impact assessment

• A technical controls maturity matrix, which details the technical controls the organisation needs to use to protect the personal data

• A list of prioritised recommendations to reduce the data protection risk

4. Project completion: Infinigate UK’s GDPR team complete the assessment with a project-close conference call to answer any final questions you may have about the findings, recommendations or next steps.

BENEFITS OF WORKING WITH INFINIGATE UK

• Each assessment is delivered by a GDPR consultant, giving you direct access to the experts

• Infinigate UK’s unique risk-based approach to compliance and security ensures you spend the right amount of money to mitigate the real risks to your business

• Data capture is provisioned through a compliance platform for optional, post-assessment management

ADVISE

ASSESS

ASSURE

To find out more about Infinigate UK’s GDPR Compliance Assessment or to receive a quotation, please get in touch.

Infinigate UK Limited
Tel: +44 (0) 207 593 3290
E-mail: info@infinigate.co.uk
Web: www.infinigate.co.uk

© Copyright 2017 Infinigate UK Limited. All rights reserved. This material is for information purposes only and does not take into consideration the particular circumstances or objectives of your business. Whilst every reasonable effort has been made to ensure the accuracy of the information in this document, Infinigate UK Limited shall not be held liable for any errors or omissions