GDPR123 COMPLIANCE FRAMEWORK

Being compliant is as easy as GDPR123!
 

What is the Compliance Framework?

Our Framework is designed to help organisations achieve GDPR Compliance in a timely manner and to instil the right governance, policies and procedures to maintain ongoing compliance to the regulation.

HOW DOES IT WORK?

Use our tools and guidance to audit your organisation and to then put in place the necessary auditing, risk assessments, policies and procedures to gain compliance.

HOW MUCH DOES IT COST?

For just £695+VAT you will get everything you need to help you work towards becoming compliant. 

GDRP123 COMPLIANCE FRAMEWORK

________

1. ASSESSMENT STAGE

________

You will need the support of Senior Management as this stage will involve scheduling meetings, agreeing on the scope, deciding a risk appetite and allocating resources. To help kick off the process it would be worth all stakeholders being aware of the GDPR basics.

Once you have the support of management and the necessary resources you will need to set about identifying and gathering everything within the scope that you need to audit and assess.

To help you organise and structure your assets, our solution will provide you with template audit sheets so you know what you need to look for when performing the hardware, software and communications audits. The final stage is to audit the management system which consists of your organisation’s policies, procedures and plans.

Once you have finished these initial steps you need to compare your findings with the requirements in order to produce a GAP Analysis to identify what changes need to be made to become GDPR Compliant.

2. IMPROVEMENT STAGE

________

Following on from the assessment stage you will have performed a GAP Analysis, identified any non-conformities, and created an action list. You will then need to get these actions reviewed and approved, and agree a schedule and deadlines for the actions to implemented by.

After the actions have been approved and a schedule with deadlines has been set, you are ready to proceed with the implementation. During the implementation it is important that full documentation is kept so there is a record of what has been done, when and by who.

When implementing the actions is it important to judge their effectiveness, so setting up monitoring and measuring methods (if not already in place) may be necessary.

3. RESPOND STAGE

________

Having completed the GAP Analysis and addressed the non-conformities and remediation tasks, you should undertake a Stage-2 Audit  to make sure that issues flagged in the original GAP Analysis are now resolved.

Your records should include at a minimum the results of the monitoring and measurements, reviews of policies, plans and procedures, actions implemented as a result of the reviews, incident logs, breach records, risk assessments and training issued to staff.

To maintain the level compliance you have achieved there will be a need for a number of ongoing actions to implement and schedule. This will include making sure that all employees, contractors, suppliers and relevant third parties are trained on organisation policies and procedures.

NOTE – Compliance isn’t a goal it is a cycle, once it has been achieved it needs to be maintained. When you have completed this three step process you will return to the assessment stage after a given amount of time and restart the cycle.

HOW DOES IT WORK?

________

Once you have purchased our GDPR Compliance Framework you will be sent:

  1. An email with your unique licence key for our online Compliance Assistant
  2. A welcome pack of 3 folders to help you organise and manage your GDPR compliance project
  3. Access to our team of GDPR experts who will help and guide you through the process 

Once you have received all of the above you are ready to get started!