
Data protection consultancy

IT Governance’s data protection consultancy can help you meet the requirements of the UK Data Protection Act (DPA) and prepare for the requirements of the EU General Data Protection Regulation (GDPR).

Our specialist data protection consultancy team can provide you with the necessary expertise to implement a total data protection programme that meets your compliance requirements. We can also undertake an initial gap analysis of your current compliance regime if you are just getting started with a data protection programme.

Call us now on +44 (0)845 070 1750 or email us to find out more about our data protection consultancy offerings.


Our data protection consultancy services will enable you to achieve your GDPR and DPA compliance goals

  • Meet regulatory obligations by protecting your organisation’s personal data

    The data protection landscape in Europe is being overhauled with the introduction of the GDPR, which will be enforced from 25 May 2018. Organisations will need to review and update their operational, administrative and technical measures in order to adequately prepare for the Regulation.

    During the transition period, the requirements of the DPA will remain valid.

    We can help your organisation achieve its privacy goals and compliance obligations against this complex and evolving regulatory backdrop.


  • Gain not only legal expertise, but technical and cyber security support

    Data protection is no longer the domain of legal experts alone. Although the necessary legal and regulatory knowledge is crucial to ensure compliance, adequate data protection measures extend to the technical controls that organisations must apply to avoid data breaches.

    Principle 7 of the DPA requires organisations to apply appropriate technical and organisational security to protect personal data from loss or damage. The GDPR also introduces significant technical and operational requirements that must be implemented to achieve full compliance.


  • Encompass ISO 27001, PIMS and data protection

    ISO 27001 is the international standard for information security, encompassing personal data security and cyber security. ISO 27001 requires companies to implement appropriate measures as part of a holistic approach to information security that encompasses people, processes and technology.

    By implementing an ISO 27001-compliant information security management system (ISMS), organisations will be well placed to avoid potential data breaches resulting from inadequate information security practices.

    Organisations can also demonstrate compliance by implementing an appropriate personal information management system (PIMS). BS 10012 is the British standard that specifies the requirements for a PIMS, which will help organisations comply with the DPA.


  • Provide evidence of your compliance

    The GDPR encourages the adoption of certification schemes as a means to demonstrate compliance. Getting certified to ISO 27001 can help organisations to achieve their compliance objectives and protect themselves.

    IT Governance has a solid track record of helping companies achieve ISO 27001 certification and compliance with BS 10012.


  • Gain data breach incident response planning and advice

    Reporting on damaging data breaches will become mandatory under the GDPR. Avoid potential costly fines and the associated publicity that can result from data breaches by benefiting from the right advice, delivered by experienced professionals.


Our data protection consultancy services

IT Governance offers the following services to help you meet your data protection objectives:

  • GDPR Gap Analysis

    Our experienced data protection consultants can assess the exact standing of your current legal situation, security practices and operating procedures in relation to the DPA or the GDPR.

  • GDPR data flow audit

    Data mapping involves plotting out all of an organisation’s data flows, drawing up an extensive inventory of the data to understand where the data flows from, within and to. This type of analysis is a key requirement of the GDPR.

  • Implementing a PIMS

    Establishing a PIMS as part of your overall business management system will ensure that data protection management is placed within a robust framework, which will be looked upon favourably by the regulator when it comes to DPA compliance.

  • Implementing an ISMS compliant with ISO 27001

    We offer flexible and cost-effective consultancy packages, and a comprehensive range of bespoke ISO 27001 consultancy services, that will help you implement an ISO 27001-compliant ISMS quickly and without hassle, no matter where your business is located.

  • Cyber health check

    The three-phase Cyber Health Check combines on-site consultancy and audit with remote vulnerability assessments to assess your cyber risk exposure.

  • Incident response planning

    With an effective incident response plan, you will be able to detect incidents at an earlier stage and develop an effective defence against the attack.

  • Technical testing

    Our bespoke penetration tests deliver cost-effective and practical solutions that will help you meet your legal, regulatory and contractual requirements, and eliminate potential vulnerabilities from your networks and applications.


How we can help you

IT Governance has broad and deep experience in all aspects of data protection, privacy and the protection of personal data.

Just as we helped Bell achieve DPA compliance on time and within budget, we can help you, whatever your needs.


Contact us today to get your data protection compliance programme on track.


Email us or call us on 0845 070 1750 to talk about how we can help you achieve data protection compliance quickly and painlessly.