- GDPR Audit and Consulting -

GDPR Audit and Consulting

The General Data Protection Regulation, “GDPR”,  is a regulation that took effect on May 25th, 2018 in the European Union. The GDPR aims to protect the personal data of each individual by enforcing a set of strict rules on how the data are handled, processed and used by companies.


If your organisation is considering a GDPR Audit or consultation on how to implement, enforce or improve GDPR policies in order to comply with this European legislation, then choosing a company who specialises in GDPR Audits makes sense. CDMA Services Ltd has been selected among other Tenders to be exclusively conducting GDPR Audits on behalf of the Office of the Commissioner for Personal Data Protection. Furthermore, our experienced team of Information Security and GDPR experts, have helped a variety of private business and public sector organizations across Cyprus and Greece, to develop, enhance, audit and maintain their GDPR program.

GDPR Compliance Audit

In CDMA Services LTD, we have developed an efficient, cost effective and independent GDPR Audit methodology to determine the level of compliance of your GDPR program. How does it work:

Initial Meeting: We work closely with the organization to understand its objectives and clearly define the GDPR Audit scope.

Pre-Audit Information Gathering: Request and review all GDPR related policies and procedures, organizational diagrams and any other information security and confidentiality documents.

Audit Planning: Plan the Audit Fieldwork according to the organization’s business schedule, working hours and focus on areas identified in previous steps.

Audit Fieldwork: This phase includes among others, desk-site interviews with employees, evaluation of technical controls on customer’s premises, observation of procedures and data flows etc.

GDPR Gap Analysis Report: A detailed report is provided to customer, containing any GDPR compliance gaps identified by risk severity and accompanied by recommendations on how to implement or improve controls and procedures to minimize risk.

Follow-Up Review: Aligned to the findings of the report, a review can be conducted by our company, after all or some of the suggested recommendations have been completed by the organization


GDPR Consultation/Implementation

CDMA Services LTD also provides GPDR consultation services in your organization’s GDPR services. This service might include specific data protection and security services according to your organization’s needs. Some examples include

Preparation of GDPR rollout strategy

GDPR or Security awareness trainings

Data Protection Impact Assessment(DPIA) implementation for specific projects

Drafting of Privacy Notices, Cookie Policies, Consent forms etc.

Consultancy on data protection and security issues or data breaches (incident handling)

Technical consultation or technical controls implementation

In addition, our team can assist your organisation with identifying any gaps and providing you with the implementation of the necessary policies and procedures in order for you to become fully GDPR compliant. Our GDPR Implementation services include:

Providing legal advice and guidance to the organization

Preparing all required GDPR policies and procedures

Helping the organization to complete all necessary records

Providing advice in relation to data transfers and prepare templates of data agreements


Why Choose Us

Because we are more experienced: We have proven experience in GDPR compliance auditing through our close collaboration with the Office of the Commissioner for Personal Data Protection.

Because we are more qualified: We have a strong technical background, which makes us suitable for not only dealing with the paperwork but also consult you on the best practices to implement your GDPR controls.

Because we are more flexible: We customize our GDPR audit, consultation or implementation according to customer’s specific objectives and requirements in order to provide a robust value-added service.