Over 2 years have passed since the General Data Protection Regulation (GDPR) took hold of our conversations with predictions of impending doom. 18 months after its formal introduction, many people were heard to murmur… ‘Aye, it’s Y2K revisited!’
Views were also shared on GDPR being a ‘slow burn’, similar to Cyber Security Awareness. The companies who had robust corporate risk assessments would keep it in focus, but for most with more prominent targets on the radar (i.e. Brexit), data security would stay on the back burner until something happened to get attention.
Recent government and industry surveys highlighted:
- 32% of companies have identified security breaches or attacks in the past year
- 65% of attacks were due to weaknesses in the supply chain
- Average cost of cyberattacks for UK-based medium-sized businesses was £184K
There is now a growing awareness that maintaining ongoing compliance for IT and data security needs to be at the forefront of management responsibilities. Before the auditors arrive, it might be wise to ensure:
- The organisation has maintained the requirements to comply with GDPR since the consultants left with all the boxes ticked
- The process to assess data security of subcontractors, suppliers and partners is in operation
- Yes… we can demonstrate ongoing compliance and respond to an incident without investing large amounts of management and admin time
This cognizance is demonstrated by an increase in companies seeking certification and accreditation for data and IT systems to ensure they have the required processes and procedures in place, just like they would with any other ISO standard.
BusinessPort are specialists in GDPR Compliance and employ Process Workflow to simplify adherence to today’s demands of complying with the latest regulations and standards.
We offer in-house or cloud-based solutions, cost-effective licensing, and with over 20 years’ experience and ‘know-how’, we can offer support on demand!
What can the Agility System do for me?
- Minimise dependency on individual expertise and training
- Centralise and control all documentation, for use by relevant roles
- Measure and provide reporting functionality to manage activity and use
- Provide quick and effective response to incidents, audits & maintenance of certification
- Allow proof of compliance to demonstrate to clients and provide evidence to insurers