
GDPR Assessments for Controllers and Processors

Serious About Security

Centris offers GDPR gap assessments for organizations throughout North America seeking assistance with what’s arguably the most demanding and comprehensive data privacy regulation in the world. GDPR compliance for U.S. companies has hit our shores, so it's time to get serious about data privacy and security. Centris can assist.

Centris’ GDPR gap assessment services provide controllers and processors with a crystal-clear look into their operations and the supporting internal controls needed for ensuring GDPR compliance is met. Centris’ GDPR gap assessments consist of the following measures:

(1) Defining Scoping Considerations:

The GDPR is a massive piece of legislation with many moving parts (https://gdpr-info.eu/, 11 Chapters and 99 articles), so it’s important that controllers and processors know what they’re up against in terms of compliance, which ultimately begins with assessing scope. Questions that we get answers to during this process include the following:

  • What types of personal data for data subjects are being stored, processed, and transmitted?
  • What third parties are also considered in scope for the GDPR, why, and do they have proper controls in place?
  • What internal and external personnel will be involved in working with Centris during and after the GDPR gap assessment activities?
 

(2) Assessing Data Privacy Requirements & Gaps:

The operational aspects of GDPR compliance are far-reaching indeed, as controllers and processors need to ensure that various H.R., legal, privacy, and other prescriptive requirements are met for compliance. For example, do you have privacy policies, procedures, and processes in place for correcting and erasing personal data? Additionally, do you have well-documented incident response initiatives for responding to incidents and possible breaches? These are just a few examples of the depth of Centris’ activities during a GDPR gap assessment.

(3) Assessing Information Security Requirements & Gaps:

Per Article 32, “…the controller and the processor shall implement appropriate technical and organizational measures…”. Centris will do a deep dive into your information security policies, procedures, and processes, determining what framework – if any – you have in place, and what areas within the broader application of InfoSec will require remediation for the GDPR.

CENTRIS

Leaders in Security & Regulatory Compliance

Risk Strategies & Methodologies
Risk management planning reduces exposure to a wide range of issues that could have detrimental effects on a business. Not knowing, planning for, or responding to risks and related issues can leave an organization with few options in combating risks when they actually surface.
Strategic Planning & Integration
Every organization is moving towards a digitized business model, so isn’t it time to strategize on some of the most critically important elements for your business?
Regulatory Compliance Experts
Build scalable, adaptable, and efficient compliance solutions for increased organizational efficiency, while also improving core InfoSec, cybersecurity, operational and data privacy controls and best practices.

The Importance of GDPR Compliance for U.S. Businesses


As a U.S. business, do you store, process and/or transmit personal data for data subjects that reside in the European Union (EU)? An answer of yes, or even a slight hint or acknowledgement that your business may in fact support such activities relating to personal data of EU data subjects will ultimately require some form of compliance with the GDPR.

Businesses of all types, industries, and sizes throughout the globe – and especially in the U.S. – are operating across borders, providing essential services and solutions to various countries. With globalization increasing, the demand for ensuring the safety and security of consumer data – and other supporting information – has now become a primary concern for all, and understandably so.

 

(4) Assessing Documentation Requirements & Gaps:

Policies and procedures are a heavy mandate for the GDPR, much like many of today’s regulations, and once again, controllers and processors are struggling immensely with such requirements. Centris can quickly identify what gaps and deficiencies exist within your documentation, providing expert guidance on remediation.

 

(5) Remediation Activities:

With Centris, our years of data privacy expertise allow us to offer comprehensive remediation services & solutions to your organization. From helping establish tighter information security controls to developing robust policies and procedures, and more, we offer a full menu of GDPR remediation services. Additionally, we can also develop a continuous monitoring program for ensuring you stay compliant with the GDPR requirements.

With Centris, we offer a wide range of data privacy, cybersecurity, and regulatory compliance solutions and services, including assessments & programs, data governance, data mapping, PIA, DPIA, GDPR assessments, CCPA/CPRA assessments, international privacy assessments, U.S. state privacy assessments, EU Cloud Code of Conduct, Microsoft SSPA/DPR, along with data privacy programs.

"Today’s headlines are saturated with catastrophic scenarios of what will happen if organizations fail to comply with the European Union’s (EU) Global Data Protection Regulation (GDPR)"
- Gartner

Why Centris for GDPR Gap Assessments?

  • Proven methodology that’s quick, comprehensive – and with fixed-fee pricing.
  • Experts at remediating GDPR gaps and documentation deficiencies.
  • Experience in working with all industries and sectors relating to GDPR.
