Our experts and auditors implement ISO standards that increase organizational security. They successfully perform audits and implement recommendations related to GDPR and IT security.
The GDPR imposes additional duties on business entities that process personal data and requires changes to their protection policies. To comply with mandatory regulations, it may be necessary to designate new structures and resources.
We help clients prepare their organizations to function in the new security environment. The zero audit stage assesses an organization's degree of compliance and defines which areas need work in order to reach full compliance.
In the scope of verifying protection of personal data, we offer:
- determination of the current legal and procedural status regarding the processing of personal data, including compliance with mandatory regulations, norms and standards,
- analysis of gaps in processes and procedures against the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation), the so-called “RODO”, which will take effect starting May 25, 2018,
- preparation of a schedule of necessary actions to meet “RODO” requirements, including in the scope of IT systems in which personal data are processed,
- preparation of recommendations for processes related to the generation, processing, and storage of personal data, as well as for the IT solutions applied,
- assessment of the functioning of a company’s control mechanisms to prevent the disclosure of personal data.
Audit reports contain recommendations for implementation.