The second level of service is to provide a GDPR STUDY IN THE SUBJECT.
For efficient and effective safety and risk management with respect to GDPR it is necessary to make the start DRP GDPR (Detailed analysis of the problems and associated risks GDPR the subject).
The issue GDPR is relatively broad range mainly because areas that are associated with it directly or indirectly linked. Therefore, for solving GDPR essential to complex. This complexity requires a wide range of information that must be first obtained, analyzed and evaluated.
Basic identification of GDPR scope in subject
In order to properly define the scope, implications, demands and budget services DRP GDPR is necessary to first obtain and evaluate some key data on the subject. Therefore, first implemented partial service Identification extent GDPR the subject .
In the course of gathering information will be available to our specialists for the area: LAW, IT, processes, security and management to assist in the incorporation of workers subject and filled potřených information into prepared templates.
Following verification of the information obtained, including consultations with representatives of our specialists subject will be a final report. This final report is used among other things as an input for the next service DRP GDPR .
Detailed analysis of GDPR issues and associated risks in the subject
Service DRP GDPR constitutes a service within which globally across the entire organization will be carried out a detailed analysis of the risks and opportunities arising directly or indirectly from GDPR. The service will require cooperation and detailed information from the entity concerned.
The service is based on the performance analysis of the subject , ie. The core and follow-up business, environment, processes, legislation, resources and above all of the information used for its activities. Such information will be collected and how the data collection run.
The service ensures systematic analysis of individual areas and away from the bottom up. This will ensure that no part where there is a treatment or just passing through OU , will not be forgotten .
For realization of activity analysis, detailed evaluation, create a list of risks and other related activities will be available to our experts for areas: IT, process, safety, business and LAW . The team at the beginning prepare a template for gathering information, and will oversee and methodically helping to gather information which will be fully coordinated by the team on the subject. The quality of outputs and services execution time is directly dependent on the complexity and completeness of the information at the time that body for the actual implementation of the analysis provided. An important aspect influencing the above quality and duration of implementation is the involvement of partners and service providers, technology or the environment, who are in the process OU primarily or only marginally participate.
Final materials created under the subject provided information that has been processed and evaluated by experts in carrying through the service, they will describe the condition in which the subject is in terms of risks and opportunities arising directly or indirectly from GDPR.
This condition can be greatly affected by the quality and completeness of the information provided by the entity and its synergies in processing. Materials and resulting conclusions will be indebted to the time when it was their creation. Given the fact that the added every day new risks should be borne in mind that the question of the treatment of risk is a never ending process.