GDPR compliance
Trainings
The update of acts related to the personal data protection has driven a plenty of changes for entrepreneurs in whole Europe Union. Nowadays, entrepreneurs are obligated to correctly collect and process personal data.
GRC Advisory offer a range of services that will help to ensure compliance with GDPR requirements:
- Training regarding GDPR requirements (also including legal aspects)
- Dedicated workshops for the IT team in the field of personal data protection and GDPR requirements
- Workshops to determine required activities and to develop a schedule for their implementation
Audit of GDPR compliance
Audit helps you to determine to what extent implemented processes related to personal data protection meet the requirements imposed by GDPR act. Audit allows you to obtain external, independent view on vulnerabilities and possible threats associated with them. Proposed and implemented remedial processes will improve the security of stored personal data.
Audit:
- Indicates vulnerabilities and potential threats
- Proposes and implements remedial processes
- Creates detailed schedule (roadmap) in accordance with the strategic plan of enterprise
Support
In many enterprises, implementation of changes related to new regulations brings about the need to reconstruct or introduce from scratch appropriate solutions in IT systems. GRC Advisory offers dedicated solutions which can be adapted to the company’s organizational structure to support on-going compliance.
For SAP system environments:
- Implementation of solutions for access management, risk analysis and personal data processing (SAP GRC: Access Control, Risk Management, Process Control)
- Implementation of tools for managing the personal data lifecycle: SAP Information Life Cycle Management (ILM)
- Monitoring of access to data: SAP Read Access Logging (RAL)
- Securing access to personal data (smartGRC)
All environments - RSA solutions:
- Management of personal data processing, records of processing activities (RSA Archer - Data Governance)
- Analysis of the risks associated with processing personal data (RSA Archer - Privacy Program Management)
- Management and reporting of personal data breaches (RSA Archer - Breach Management)