I highly recommend organizations to periodically have a GDPR and Risk scan. These Quick Scans will tell you currently where you are (IST) and, if you do them periodically, you’ll have something to compare new results to, and know what you still need to do to achieve compliance or another goal. By regularly conducting scans you’ll get extra information and will be able to see trends in your organization which can help better prepare you for what's coming.
Scans: a two-step approach
Scans like the one I offer through my company CPRM, offer a two-step approach.
In the first step we analyze what you’ve have done so far (any previous scans, incident reporting, data breach reporting, etc). In short: analyze everything up until today.
In the second step we look at the future. Not in a psychic kind of way (no offense to psychics out there) but we use trends in your sector for instance. Currently a lot of energy firms are being systematically hacked and targeted by hackers. That’s a risk obviously. Not just for the energy company but for everyone who is dependent on energy for their organization. We use the PESTLE method to determine possible risks (PESTLE – Political, Environmental, Social, Technological, Legal and Environmental). There are more models and assessments that help us look in the future to get this information and then to readily prepare for it with mitigation, contingency plans, and so on.
You need both steps in order to have the clear picture. I recommend having scans yearly.
What does the GDPR say about (Quick) Scans?
Article 32 of the GDPR says in short that you must ensure a level of security appropriate to the risk. But how do you know what is appropriate and how do you know what risks you have. Well, there's your answer on 'why do you need a scan'.
What’s in CPRM’s GDPR Quick Scan?
What’s in CPRM’s a Risk Quick Scan?
What if I want both?
If you want both scans you’ll receive an extensive scan and report.
Contact me for more information or to get a quote
Please contact me via the contactform.
Dutch readers can click here