GDPR Gap Analysis

Identifying and mitigating risks

What is a Data Privacy Gap Analysis?

A Data Privacy Gap Analysis by Avilius will identify the strengths and weaknesses in your current Data Privacy program. It will take a deep-dive into your current practices, establish whether there are any gaps between your current state and desired future state that require improvement, and set out a clear Roadmap to achieving ongoing compliance. By following the recommendations set out in the Roadmap, your organisation will enhance its Data Privacy program by minimising risk.

We will look at whether your organisation has:

  • a clear understanding of how personal data processing takes place in your organisation

  • effective governance in place to ensure that there is accountability and responsibility for data privacy

  • the right policies and procedures in place

  • if and how your organisation monitors and reports on your Data Privacy program

  • how your organisation manages any risks related to Data Privacy

  • determine roles and responsibilities for Data Privacy in your organisation

  • identify if your organisation has any gaps in its Data Privacy training

  • determine whether your organisation require a Data Privacy Officer.

Why do I need a Data Privacy Gap Analysis?

Many organisations have taken steps on their GDPR compliance journey but may not have seen it through for a number of reasons perhaps due to a lack of staff time or knowledge; issues that are perceived to be more important or pressing or simply because as it is now several years since the GDPR has come into force that there is less media attention around it. However due to the obligations under the GDPR, it is important that you continue with this journey to ensure that your organisation remains compliant and can demonstrate that it is doing its utmost to safeguard any personal data that it is the custodian of.

Any failure to comply with the GDPR can lead to large financial penalties of up to EUR 10 million, or 2% of your organisation’s global turnover (whichever is greater). This is enforced by the UK’s Information Commissioner’s Office (ICO) and/or a European Union regulator. The obligation to comply with the GDPR places any obligation on all organisations no matter where in the World they are based if they store, process or analyse the personal data of UK and EU residents.

Benefits of having a Data Privacy Gap Analysis

There are numerous benefits in having a Data Privacy Gap Analysis, these include:

  • understanding where your data resides within your organisation and how it is processed

  • shining a light on any areas of non-compliance

  • bringing Data Privacy to the forefront of your organisation’s consciousness

  • having an action-plan to help your organisation close any gaps.

How can Avilius help?

We are experts in Data Privacy and information security and can undertake a Data Privacy Gap Analysis for your organisation. Please contact us to find out more.