
GDPR - The EU General Data Protection Regulation

GDPR - How can you achieve compliance & peace of mind?

The EU General Data Protection Regulation (GDPR) will be enforced from 25 May 2018 and will not be affected by the UK’s decision to leave the EU. CNS Group has a long history of advising organisations on how to ensure they meet information handling requirements, whether these are statutory (DPA), compliance (PCI), regulatory (FCA) or government (HMG) requirements.

CNS Group has tailored a service that reviews an organisation’s preparedness for GDPR based on our experience to date and our understanding of the regulation.


Taking your first steps to GDPR compliance

If you would like to speak with one of our GDPR experts now, please get in touch by filling out the form below


The CNS Group GDPR Service:

GDPR requires board-level awareness and recognition of both legal and financial responsibilities. A comprehensive risk register and detailed accountability framework are also fundamental requirements.

Our review will look for evidence of compliance with a recognised standard (such as ISO 27001 or Cyber Essentials Plus), as well as appropriate policies, data protection officer requirements, privacy impact assessments, incident response and breach reporting.

The CNS process includes an initial review of existing controls, with appropriate interviews and evidence collected, and then an assessment against the requirements of GDPR to produce a gap analysis report. This report then forms the foundation for a risk treatment plan.


GDPR Deliverable

The process includes an initial review of existing controls, with appropriate interviews and evidence collected, and then an assessment against the requirements of GDPR to produce a gap analysis report. This report will form the foundation for a risk treatment plan.

On-site consultancy by a qualified SFIA Level 4 GDPR Consultant to produce a GDPR gap analysis report.

This should include:

Management Summary
An overview of the findings including a graphical representation of the customer’s current security and data protection posture.

Gap Analysis Summary
A representation of each control so that the customer can prioritise remediation.

Red, Amber, Green (RAG) Gap Analysis
This spreadsheet can be turned into a risk treatment plan.

Conclusion
This section may also provide further advice or recommended activities that we feel are necessary.
