Skip to Main Content
Learn for less: Save 10% on high-quality foundation and auditor training. Find out more
GDPR Gap Analysis

GDPR Gap Analysis

SKU: 4836
Format: Consultancy

The GDPR Gap Analysis service assesses the extent of your organisation’s compliance with the GDPR and the DPA 2018 using our unique GDPR RADAR™ methodology, developed by our sister company DQM GRC™.

GDPR RADAR™ helps identify and prioritise the areas that you should address based on the same criteria used in an ICO (Information Commissioner’s Office) audit, providing you with a radar chart pinpointing areas for improvement in nine key compliance areas.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on +44 (0)333 800 7000.

 COVID-19: remote delivery options

We would like to reassure our clients that all training and consultancy services will go ahead as scheduled during the ongoing COVID-19 situation. As a company that fully embraces flexible and remote working, we are adjusting our delivery methods to allow us to provide consultancy services, penetration tests and training remotely where necessary. Please also refer to COVID-19 policy.

For more information about this service or to get a tailored quote for your organisation, please enquire below and one of our experts will be in touch shortly.Enquire about this service

Understand your GDPR compliance requirements

Our data protection consultants will assess your organisation’s privacy management and data protection practices through an on-site review of the following areas:

  1. Governance – the extent to which data protection accountability, responsibility, policies and procedures, performance measurement controls, and reporting mechanisms to monitor compliance are in place and operating throughout your organisation.
  2. Risk management – your organisation’s arrangements for privacy risk management, the extent to which information-specific risks are incorporated into corporate risk management, and the extent to which risks to the rights and freedoms of data subjects are addressed.
  3. Privacy by design – the extent to which data protection by design has been incorporated into the development of your systems, services, products and/or processes.
  4. DPO (data protection officer) – whether your organisation is required to appoint a DPO, whether one has been appointed and, if so, whether they meet the Regulation’s requirements.
  5. Roles and responsibilities – the extent to which your organisation has defined and established appropriate roles and responsibilities, and delivered appropriate training and awareness.
  6. Scope of compliance – whether your organisation has clearly defined the scope of its GDPR compliance, taking account of all data processing in which it has a part, whether as data controller or processor, as well as any data sharing.
  7. PIMS (personal information management system) – whether your organisation has implemented a PIMS that documents its GDPR/DPA 2018 compliance, and addresses staff training and awareness.
  8. ISMS (information security management system) – whether your organisation has implemented an ISMS to meet the GDPR’s requirements for “appropriate technical and organisational measures” in order to ensure the security of the personal data it processes.
  9. Rights of data subjects – the processes your organisation has implemented to facilitate and respond to data subjects exercising their rights under the GDPR/DPA 2018.

 Download case study

What to expect

A GDPR specialist will interview key managers and perform an analysis of your existing data protection and privacy arrangements and documentation.

Following this, you will receive a gap analysis report of the findings. The report outlines the areas of compliance and improvement, providing further recommendations for the proposed GDPR compliance project.

Please click on each image for a closer look:

Free brochure download: GDPR Q4 Report 2019
Free brochure download: GDPR Q4 Report 2019
Free brochure download: GDPR Q4 Report 2019

 Download sample report 


If your business is located outside mainland UK (England, Scotland and Wales), additional expenses will be charged to accommodate our consultant’s travel for the on-site assessment.

See requirements for payment of purchases online by purchase order

Download the service description for more information

Why IT Governance?

Why choose us?

  • We have an in-depth understanding of the GDPR and DPA 2018 requirements and how they should be met.
  • We are specialists in the fields of data protection and cyber security. Our solutions include guidance on avoiding data breaches through cyber attacks and other data privacy risks.
  • Our transparent proposals are fixed price so that you won’t get any surprises.
  • We’re independent of vendors and certification bodies and encourage our clients to select the best fit for their needs and objectives.
  • We can supply best-practice solutions for GDPR compliance, from understanding your position and developing a remediation roadmap to implementing a data protection solution that suits your business objectives and budget.
  • Our one-stop-shop provides a broad range of data privacy solutions, from documentation toolkits to books, e-learning courses, classroom training courses and software.
  • You will have access to a dedicated account manager throughout the project.

Customer Reviews

(5.00)stars out of 5
Number of reviews: 4
1. on 04/02/2022, said:
5 stars out of 5
Required as part of a wider bespoke GDPR Consultancy Package - straightforward and helpful engagement throughout and recommended as a standalone solution or part of wider project needs - does what it says on the tin - Thank you
2. on 22/11/2021, said:
5 stars out of 5
My Company wanted support in reviewing our GDPR Compliance and identifying starting points for any changes needed. I was supported by Kevin Downs from the Sales Team in selecting IT Governance/DQM GRC GDPR Gap Analysis service for the Group and this service turned out to be absolutely the right solution for us. Ably delivered by Martin Fletcher whose knowledge of the subject and his willingness to adapt to fit into a schedule that suited our business needs was very welcome indeed. The service completely met with expectations and the whole process from start to finish was very helpful indeed. This is a worthwhile solution that is wholeheartedly recommended.
3. on 16/07/2021, said:
5 stars out of 5
As always, I'm delighted from the level of professionalism provided by across all their services offerings - the GAP Analysis covered everything with great level of clarity both on technical and legal aspects of the exercise.
Showing comments 1-3 of 3
This website uses cookies. View our cookie policy
SAVE 10%