GDPR Helpline

GDPR Questions? Call Us

If you need HELP, SUPPORT or just have a GDPR question please call +44 (0) 208 133 2545 or email us at contact@gdpr.institute.

Alternatively please visit our contact page

FREE GDPR Helpline

Call +44 (0) 208 133 2545

BLMS Consulting

Partners 11The BLMS GDPR Readiness Assessment will explore how data is obtained, stored, protected, and processed, how the data subject is serviced, and the company’s data protection governance policies and practices. It will cover Operational Framework and Processes, People and Behaviours, Legal Framework & Processes, and Governance and Oversight.

It is available in 3 options - Basic, Intermediate, and Extended.

When selecting which option to use, the client should take into consideration:

  • the depth of analysis they require
  • the scale and complexity of the firm (for example, number of locations)
  • and the sensitivity of the personal data the firm holds and processes

The following sets out the details of the Basic, Intermediate and Extended options. All prices are shown exclusive of VAT and expenses

Expenses will be estimated in advance and a maximum figure agreed before work commences.

GDPR Readiness Assessment Service Summary

BLMS Consulting


Partner Contact Request:

Partner of Interest:*
Your Name:*

Business Name:*

E-mail:*
Phone Number:*
Message:

GDPR Readiness Assessment Offering - Basic

Recommended for companies who:

  • companies who want to gain an initial assessment of the main implications of GDPR
  • B2B companies who hold data about their staff and about other companies they deal with (suppliers and customers)
  • smaller companies with less complex organisations who occupy one office location

What we will do

  • Initial scoping and planning meeting (remote/phone)
  • Review key policy documentation and questionnaire return
  • One 1-day site visit to conduct interviews with relevant members of staff and carry out visual inspection of common data handling procedures (including paper based)
  • Document main compliance implications of GDPR for the client
  • Review findings and actions with client (either remote or half day site visit)

What the client must do

  • Contribute to scoping meeting and agree scope, including identifying the breadth of personal/sensitive data held.
  • Nominate an appropriate key contact person who will complete the questionnaire and coordinate arrangements for site visit
  • Identify 2 appropriate people for on-site interviews
  • Timetable interviews and ensure staff commit the specific times
  • Ensure staff commit to be open and collaborative
  • Complete questionnaire
  • Provide org structure and key policy documents
  • Attend a closing meeting to discuss and agree findings

What we deliver for you

  • Report showing main compliance issues
  • Management summary that defines the GDPR defensible position, covering summary of gap analysis and highlighting most important and urgent action points

 


 

GDPR Readiness Assessment Offering - Intermediate

Recommended for:

  • companies who want a more detailed assessment of their GDPR position
  • B2C companies who hold data about their staff and whose customers are identifiable individuals
  • SME companies with slightly more complex organisation structure, or who operate from multiple locations (eg Head Office and Area Offices, or branches)

What we will do

  • Initial scoping and planning meeting (remote/phone)
  • Review policy documentation and key data handling procedures
  • Two one-day site visits to conduct interviews with relevant members of staff and carry out visual inspection of processes that involve handling, storing and processing of personal data (including paper based)
  • Document findings and compliance implications of GDPR for the client, along with risk scores (probability and damage assessment)
  • Review findings and action with client (half day site visit)

What the client must do

  • Contribute to scoping meeting and agree scope, including identifying the breadth of personal/sensitive data held.
  • Identify all appropriate people for interview
  • Timetable interviews and ensure staff commit the specific times
  • Ensure staff commit to be open and collaborative
  • Complete questionnaire
  • Provide org structure, policy and procedure documentation, and other evidence as requested
  • Attend a closing meeting to discuss/agree findings/plan etc

What we deliver for you

  • Report showing compliance issues with risk-based prioritisation scores
  • Management summary that defines the GDPR defensible position, covering summary of gap analysis and highlighting most important and urgent action points
  • List of recommended actions, prioritised where appropriate/possible

 


 

GDPR Readiness Assessment Offering - Extended

Recommended for:

  • companies who want a more detailed assessment of their GDPR position and advice about prioritising action plans
  • B2C companies who hold data about their staff and whose customers are identifiable individuals
  • larger SME companies with more complex organisation structures, or who operate from multiple locations (eg Head Office and Area Offices, or branches)

What we will do

  • Initial scoping and planning meeting (on site)
  • Review policy documentation and data handling procedures
  • Four 1-day site visits to conduct interviews with relevant members of staff and carry out visual inspection of processes that involve handling, storing and processing of personal data (including paper based)
  • Document findings and compliance implications of GDPR for the client, along with risk scores (probability and damage assessment)
  • Recommend prioritised set of actions
  • Review findings and actions with client (half day site visit)

What the client must do

  • Contribute to scoping meeting and agree scope, including identifying the breadth of personal/sensitive data held.
  • Identify all appropriate people for interview
  • Timetable interviews and ensure staff commit the specific times
  • Ensure staff commit to be open and collaborative
  • Complete questionnaire
  • Provide org structure, policy and procedure documentation, and other evidence as requested
  • Attend a closing meeting to discuss/agree findings/plan etc

What we deliver for you

  • Report showing compliance issues with risk-based prioritisation scores
  • Management summary that defines the GDPR defensible position, covering summary of gap analysis and highlighting most important and urgent action points
  • Prioritised list of recommended actions