The first step is to recognise that something needs to be done, this shouldn’t be ignored and should be done as soon as possible.
The next step is to assess your current situation to establish how compliant you are and what to do next – “Where are we now? “And where do we need to be?”
Once you know where you need to be, you can make a considered decision and include GDPR compliance requirements into your overall risk and compliance framework.
Your approach to auditing should provide a measure of two key factors: Risk and Readiness.
The steps towards compliance depend on your circumstances, so there is no fixed template which will suit all organisations. Variations in size, activity and operations mean that each organisation will have a unique risk profile that can vary considerably.
Understand YOUR risk and get an expert view of YOUR readiness for the GDPR – >> Book your Risk and Readiness Review
This FAQ is in these categories: GDPR