With the General Data Protection Regulation (GDPR) coming into force on 25th May 2018, organisations must act to ensure they are compliant. By now most organisations have an understanding of what the act means to their business and have appointed a Data Protection Officer (DPO), but what are the next steps?
For most organisations the next step is to conduct a more in-depth analysis of their processes and systems, and map this against the ICO recommendations to create a GAP analysis. A GAP analysis is the simplest way of understanding what is going to be required for compliance with the new regulation and the areas that your organisation will need to focus on first. By conducting a GAP analysis, you will avoid spending time on areas that are already compliant and ensure future investment is in place in the areas needed to meet the goals set out by the ICO.