Skip to Main Content
GDPR Gap Analysis

GDPR Gap Analysis

SKU: UK4836
Format: Consultancy

The GDPR Gap Analysis Service assesses the extent of your organisation’s compliance with the GDPR (General Data Protection Regulation) and the DPA 2018 (Data Protection Act 2018), and helps identify and prioritise the areas that it should urgently address.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account. Apply online today or call our service centre team on +44 (0)333 800 7000.

 COVID-19: remote delivery options

We would like to reassure our clients that all training and consultancy services will go ahead as scheduled during the current COVID-19 situation. As a company that fully embraces flexible and remote working, we are adjusting our delivery methods to allow us to provide consultancy services, penetration tests and training remotely where necessary. Please also refer to our COVID-19 policy.

Price: £4,125.00
ex vat

Understand your GDPR compliance requirements

Our data protection consultants will assess your organisation’s privacy management and data protection practices through an on-site review of the following areas:

  1. Data protection governance – the extent to which data protection accountability, responsibility, policies and procedures, performance measurement controls, and reporting mechanisms to monitor compliance are in place and operating throughout your organisation.
  2. Risk management – your organisation’s arrangements for privacy risk management, the extent to which information-specific risks are incorporated into corporate risk management, and the extent to which risks to the rights and freedoms of data subjects are addressed.
  3. GDPR project resourcing – the extent to which your organisation has implemented an appropriately staffed, funded and supported GDPR/DPA 2018 compliance programme.
  4. DPO (data protection officer) – whether your organisation is required to appoint a DPO, whether one has been appointed and, if so, whether they meet the Regulation’s requirements.
  5. Roles and responsibilities – the extent to which your organisation has defined and established appropriate roles and responsibilities, and delivered appropriate training and awareness.
  6. Scope of compliance – whether your organisation has clearly defined the scope of its GDPR compliance, taking account of all data processing in which it has a part, whether as data controller or processor, as well as any data sharing.
  7. Personal data processes – the extent to which each of the GDPR’s data processing principles are established for each process that involves personal data, whether a lawful basis for processing has been identified and documented for each, and whether a DPIA (data protection impact assessment) is mandatory under the Regulation.
  8. PIMS (personal information management system) – whether your organisation has implemented a PIMS that documents its GDPR/DPA 2018 compliance, and addresses staff training and awareness.
  9. ISMS (information security management system) – whether your organisation has implemented an ISMS to meet the GDPR’s requirements for “appropriate technical and organisational measures” in order to ensure the security of the personal data it processes.
  10. Rights of data subjects – the processes your organisation has implemented to facilitate and respond to data subjects exercising their rights under the GDPR/DPA.

 Download case study

What to expect

A GDPR specialist will interview key managers and preform an analysis of your existing data protection and privacy arrangements and documentation.

Following this, you will receive a gap analysis report of the findings. It outlines the areas of compliance and improvement, providing further recommendations for the proposed GDPR compliance project.

 Download sample report

Speak to a GDPR expert today

If you would like more information about our GDPR Gap Analysis service or guidance on complying with the GDPR or the DPA 2018, please get in touch.

If you are not eligible for the quoted service, please contact us to discuss your requirements and we will provide a quote based on your specific needs.

Contact us
  • The price quoted applies to single-entity organisations with 21 to 500 staff and with all key personnel (senior management, HR managers, compliance, IT, sales, marketing and procurement) based at a single site.
  • If your business is located outside mainland UK (England, Scotland and Wales), additional expenses will be charged to accommodate our consultant’s travel for the on-site assessment.

See requirements for payment of purchases online by purchase order

Download the service description for more information

Why IT Governance?

Why choose us?

  • We have an in-depth understanding of the GDPR and DPA's requirements and how they should be met.
  • We provide a complete compliance support service to help organisations comply with the GDPR and DPA, including:
    • Data flow audit
    • Gap analysis
    • DPIAs (data protection impact assessments)
  • Our specialist team has extensive data protection and information security management project expertise, both in the UK and overseas.
  • Our transparent proposals are fixed price, so you won’t get any unexpected surprises. 

Customer Reviews

This website uses cookies. View our cookie policy
WIN £100