Securing business data

News Article

GDPR: Assessment and Review Service

by Kevin Dowd | 28 Jun 2017


The EU General Data Protection Regulation (GDPR) will be enforced from 25 May 2018 and will not be affected by the UK’s decision to leave the EU. CNS Group has a long history of advising organisations on how to ensure they meet information handling requirements, whether this be for statutory reasons (DPA), to meet compliance (PCI), regulatory (FCA) or government requirements (HMG).

CNS Group  has a tailored a service that reviews an organisation’s preparedness for GDPR based on our experience to date and our understanding of the regulation.

The Service 

GDPR engagements will be wide ranging - encompassing many departments, and will almost certainly require legal input. It should be remembered that the pure IT security elements of GDPR are quite limited. This does not diminish the importance of the gap analysis exercise, which will provide valuable information that should be fed into the organisation’s wider GDPR project.

The process includes an initial review of existing controls, with appropriate interviews and evidence collected, and then an assessment against the requirements of GDPR to produce a gap analysis report. This report will form the foundation for a risk treatment plan.


On-site consultancy by qualified SFIA Level 4 GDPR Consultant to produce a GDPR gap analysis report. This should include:

1. Management summary
2. Gap analysis summary
3. Red, amber, green (RAG) gap analysis
4. Conclusion
5. Risk treatment plan

Find out more about how CNS Group can help you achieve GDPR compliance: click here to read the paper or click here to speak to one of our experts. 

call us

Get in touch

Talk to our experts today +44 (0) 20 7592 8800

Send us a message

We'll get back to you Send us a message

Connect with us

See what we're saying elsewhere