GDPR Audit and Consulting
The General Data Protection Regulation, “GDPR”, is a regulation that took effect on May 25th, 2018 in the European Union. The GDPR aims to protect the personal data of each individual by enforcing a set of strict rules on how the data are handled, processed and used by companies.
If your organisation is considering a GDPR Audit or consultation on how to implement, enforce or improve GDPR policies in order to comply with this European legislation, then choosing a company that specialises in GDPR Audits makes sense. CDMA Services Ltd has been selected among other tenders to exclusively conduct GDPR Audits on behalf of the Office of the Commissioner for Personal Data Protection. Furthermore, our experienced team of Information Security and GDPR experts has helped a variety of private businesses and public sector organizations across Cyprus and Greece to develop, enhance, audit and maintain their GDPR program.
GDPR Compliance Audit
At CDMA Services LTD, we have developed an efficient, cost-effective and independent GDPR Audit methodology to determine the level of compliance of your GDPR program. How it works:
Initial Meeting: We work closely with the organization to understand its objectives and clearly define the GDPR Audit scope.
Pre-Audit Information Gathering: We request and review all GDPR-related policies and procedures, organizational diagrams and any other information security and confidentiality documents.
Audit Planning: We plan the Audit Fieldwork according to the organization’s business schedule and working hours, focusing on the areas identified in the previous steps.
Audit Fieldwork: This phase includes, among others, desk-site interviews with employees, evaluation of technical controls on the customer’s premises, observation of procedures and data flows, etc.
GDPR Gap Analysis Report: A detailed report is provided to the customer, containing any GDPR compliance gaps identified, organised by risk severity and accompanied by recommendations on how to implement or improve controls and procedures to minimize risk.
Follow-Up Review: Aligned to the findings of the report, a review can be conducted by our company after all or some of the suggested recommendations have been completed by the organization.
CDMA Services LTD also provides GDPR consultation services for your organization. This service might include specific data protection and security services according to your organization’s needs. Some examples include:
Preparation of GDPR rollout strategy
GDPR or Security awareness trainings
Data Protection Impact Assessment (DPIA) implementation for specific projects
Drafting of Privacy Notices, Cookie Policies, Consent forms etc.
Consultancy on data protection and security issues or data breaches (incident handling)
Technical consultation or technical controls implementation
In addition, our team can assist your organisation with identifying any gaps and providing you with the implementation of the necessary policies and procedures in order for you to become fully GDPR compliant. Our GDPR Implementation services include: