GDPR Consulting

Our knowledgeable data protection consultants have conducted an extensive number of GDPR Audits and Gap Assessments for our clients. The GDPR Audit / Gap Analysis would typically include:

• Submission of briefing notes and initial GDPR data capture document for the nominated representatives to complete prior to GDPR interviews;
• Undertaking GDPR interviews with key functional representatives, to establish existing processes, practices and controls in place for personal data and comparing these against the GDPR requirements, e.g. in relation to: –
  • Data Protection Principles
  • Rights of Data Subjects
  • Controller & Processor Obligations
  • Transfer of data to third countries and/or international organisations -e.g.:
• Following the GDPR Gap Analysis interviews, we will produce a summary report, presentation of findings and recommendations as well as an associated GDPR Action Plan. A summary of the GDPR Gap Analysis findings and improvement recommendations will be presented to the senior management team upon completion.

Upon completion of the GDPR Audit or Gap Analysis, Teamwork’s data protection consultants can provide ongoing support to assist your organisation, in prioritising and implementing the improvement recommendations and the creation of any associated documentation. We can also integrate our GDPR support services with other compliance or certification requirements e.g. ISO 27001, Cyber Essentials, Managed Compliance Services

Are you considering implementing a GDPR Compliance Programme alongside other certification standards such as ISO 27701 (Privacy Certification) or ISO 27001 (Information Security) for example? Do you already have certification to other ISO Standards and want to integrate GDPR or Data Protection requirements with them? Teamwork IMS GDPR consultants specialise in this combined approach, that is, implementing Integrated Management Systems.

For organisations who need to achieve two or more standards, there are significant advantages in implementing these standards in parallel rather than taking a phased approach, in particular the internal and external incremental costs can be significantly reduced. There are also significant resource economies to be achieved with projects addressing multiple standards e.g. one gap analysis, one implementation programme, less potential for duplication and more effective integration of your management systems. Maintenance of an integrated management system is also more efficient in terms of audits, management review, documentation, and continued assessment.

Teamwork ISO 27701 / GDPR consultants will conduct reviews of your current level of compliance, including current data protection and information security policies, procedures and practices within your organisation and examine their effectiveness.

Teamwork can then help your organisation to implement an ISO 27701 compliant privacy information management system ensuring the selection of adequate and proportionate data protection controls which support your organisation in the protection of the privacy of existing and potential customers, staff and any other applicable data subjects.

Since 2007, Teamwork has been instilling absolute quality into the delivery processes of a huge range of organisations, from SMEs to large corporates. Our team of data protection professionals including CISSP, PCI Security Standards Council QSA, MBCI, GDPR, IEMA, ESOS and CMIOSH qualified consultants) have developed and led UKAS accredited ISO and other standards-based service improvement programmes for private and public-sector organisations across the UK, EMEA, US and beyond, from 5 to over 20,000 people businesses.

Our knowledge and experience across a broad base of management and technical Standards makes us uniquely equipped to help organisations to develop GDPR compliance programmes and integrate with existing management systems to achieve all the associated economies and efficiencies in the system design, implementation and maintenance.

This experience, and the huge success of both the project delivery and maintenance phases of our standards-based practices, has been firmly based on two key principles: the ability of Teamwork consultants to look beyond the standard or legislation in question and identify, define and align with the real business drivers of our customers, and our innate ability to become one with our customer’s own management teams.

Our team of experienced GDPR & Data Protection consultants have helped an extensive array of organisations with their GDPR Compliance programmes as part of a standalone GDPR compliance project or alongside other ISO and information security standards such as Cyber Essentials and ISO 27001. These organisations range from SMEs to large corporates as well as public and charitable organisations. To see some of our GDPR & Data Protection clients, please visit our ‘Clients’ page.