IT Governance publishes report on the implementation challenges and milestones for early adopters of the GDPR


Ely, United Kingdom, 7 July 2017 – IT Governance, the leading provider of data protection and solutions for complying with the General Data Protection Regulation (GDPR), is delighted to publish its first report on the implementation challenges and milestones for early adopters of the GDPR.

The report can be downloaded here:

IT Governance’s GDPR report is based on responses from 250 information security and data protection professionals, and focuses on the issues faced by progressive organisations that have already started working towards achieving GDPR compliance.

The report is designed to provide professionals involved in GDPR compliance projects and senior management with useful insight into how organisations are progressing with GDPR compliance, the challenges they face and the measures they are adopting.

The survey findings suggest that the main challenge in starting a GDPR compliance project is a lack of competence and expertise to implement the measures required, with most organisations increasingly relying on external support and training to fill in the gaps.

With the GDPR introducing fines of up to 4% of annual turnover or €20 million – whichever is higher – and the accountability principle, senior management and boards can no longer ignore compliance. Although, according to the report, 66% of senior management are aware of and have been briefed on the implications of the GDPR, only 35% of participants have started a GDPR compliance project, and 41.5% are still in the planning stages.

Alan Calder, the founder and chief executive officer of IT Governance, said: “Our research shows that organisations are still planning or have just started to work towards GDPR compliance. The lack of skills and resources required to help organisations achieve GDPR compliance is one of the main challenges faced by organisations, results show that professionals are struggling with conducting risk assessments, creating policies and procedures, and conducting a data protection impact assessment or a data audit.

“Given the current shortage of GDPR expertise, and findings that suggest 57% of organisations will be assigning an existing in-house employee for the role of DPO, it is essential that businesses support professional development and implement a staff awareness programme to achieve and manage GDPR compliance and prevent a data breach.”

The report also suggests that 46.4% of participants rely on training courses to assist with GDPR compliance, and a significant number of organisations rely on consultants (28.4%) and GDPR gap analysis products (32.5%) to initiate compliance with the Regulation.

Download the GDPR report here. Alternatively, organisations interested in starting a GDPR compliance project are encouraged to email or call +44 (0)845 070 1750 for more information.
This website uses cookies. View our cookie policy