With the passing of General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) in which all companies who have past & present EU citizen’s data, will be required to implement business processes and technical solutions to meet the GDPR mandates which include the complete removal of all traces of an individual' identity from the company's systems if requested. Companies will need to comply or be subject of fines ranging from 2% - 4% of annual revenues. This regulation not only impacts EU companies but all companies whose customers are EU citizens.
The project initiatives required to be GDPR compliant could be on the scale of the Y2K project. Just like it did during the Y2K and euro currency projects in which Audit Serve was a world leader in conducting Y2Kand euro currency assessments, Audit Serve has established its own propriety framework to conduct a GDPR Project Impact Analysis and Project Assessments which is used to scope out the project and track which stage of compliance that an organization has reached.
GDPR Project Assessment
The GDPR Project Assessment is intended to be performed once an organization has completed GDPR Project Impact Analysis. The Project Assessment is not intended to be a one-time assessment but instead a periodic assessment to measure the progress being made by an organization to reach GDPR compliance.
The GDPR Project Assessment Report established by Audit Serve defines the activities which have been initiated/completed across all IT and Non-IT areas which require GDPR initiatives.
The report will include remaining project tasks which need to be completed/enhanced within each of the IT and Non-IT areas which require GDPR initiatives. In addition the overall state of reaching the goal of complete GDPR compliance will be stated based on a quantitative level assigned to the organization (1 – 7). Each of these compliance levels of achievements map to the most critical aspects of the GDPR initiatives.
Complete the Information Request form
and Audit Serve will contact you to scope out the GDPR project requirements of your organization and establish a proposal for the engagement.