The right approach to information security is vital in achieving GDPR compliance but for many organizations, it could require a major revision of their security strategy and tactics. With compliance mandatory by May 25th, 2018 there’s little time to lose.
On 25 May 2018, the new EU General Data Protection Regulation (GDPR) will come into effect. Is your organization ready to comply? GDPR builds on the existing EU Data Protection Directive but will introduce challenges in terms of data processing, security, privacy and access, and breach notification. Failure to comply could result in organizations being fined up to 20 million euros or four percent of annual global turnover – whichever is higher.
Do you have the skills in house to manage your GDPR compliance program or are you looking for best practice advice? Do you need help starting to scope the project, or require support reviewing your incident response and management processes? Our expert team can help.
To help you identify gaps in the information security measures necessary for GDPR compliance and to get your security operations and processes ready for the GDPR, Szilaghis’ consultants and GDPR practitioners can help you across four GDPR-specific streams of work.
- GDPR Maturity Assessment: an engagement that helps organizations identify the data in and out of the scope of GDPR, build data flows and understand its current state of maturity and gaps in security practice against the GDPR standards for information security and incident response practices, to produce a roadmap to compliance. Szilaghi Consulting’s GDPR assessments will give you greater clarity around the impact of GDPR compliance.
- GDPR Program Development: an engagement that is a highly tailored approach to help build appropriate measures to meet each organization’s specific requirements for compliance with the GDPR.
- Data Protection Impact Assessment: an engagement that helps manage risks to personal information. Szilaghi Consulting can help build the DPIA process, as well as help organizations undertake regular DPIAs when new projects, services or third parties come into the scope of the GDPR.
- GDPR Program Assurance: an engagement that is key to testing, operating and managing compliance from initial implementation through to ongoing assurance exercises and testing.
In addition, Szilaghi Consulting offers Monitoring, Detection and Response Solutions to support the information security and incident response aspects of the GDPR.
With you every step of the way to GDPR compliance
Organizations are at varying stages of readiness for GDPR. Wherever you are on your journey, our team’s GDPR assessments will give you greater clarity around the impact of GDPR compliance. Choose from a full range of assessments, including:
- Gap analysis of planned or implemented controls against industry standards
- Identification of relevant services focused on the technical and security aspects of GDPR
- The audit report of evidenced controls and compliance with GDPR
- Gap analysis
- PII Identification and Data Mapping
- Incident management process review
- Security Health Check and Maturity Assessment
- Third-party assessments
- Data Protection Impact Assessment (DPIA)
- Security architecture consulting
- Data protection by design
- DPO consultancy
- Policy Framework Review
Together or separately, these dedicated services, from our expert and qualified specialists, put you in the best possible position to discover how you fall in scope, assess your maturity, implement security controls and processes to patch gaps and maintain the best ongoing security posture for GDPR compliance.
Our GDPR services Benefits
- Full range of GDPR services and security assessments, depending on the progress of your compliance program
- Experienced team certified to industry-recognized qualifications
- Improve your organization’s overall operational and information security processes
- Improve security awareness – legal, IT, HR and other business functions must all be involved, with executive support