GDPR Compliance Assessment
A GDPR compliance assessment is the first step in evaluating how your organisation complies with the new GDPR regulations. Symmetry will conduct an internal assessment of the uses of personal data and the technical and organisational measures in place to protect the data. Framed around questionnaires and interviews, we ascertain and verify compliance to the new requirements of GDPR, giving you an impartial assessment on the state of your organisation’s compliance. The purpose of the compliance audit is to assist the organisation in oits current data environments and it’s data processing, as a first step to identifying remedial actions which will need to be taken to ensure GDPR compliance.
Once the assessment has been finalised, we will provide an assessment report that includes your answers, gap analysis, a risk assessment and recommended remediations. We analyse each organisation under the following headings:
- Governance & Accountability
- Data Processing
- Privacy Notices, Policies & Procedures
- Data Subject Rights
- Data Protection by default and by design
- Third Party Management
- Data Security and Breach
- Risk and Data Protection Impact Assessment
- Data Protection Offers
- Non-EEA Transfers
On completion of a compliance assessment, we will work with your organisation to explain the assessment results, the impact of the results and the suggested remediations.
To ensure evidence of full compliance, we would recommend completing a GDPR Processing and Compliance audit.